Do not require sudo for default Desktop
Identify remaining elements needed to remove the use of "sudo" for the default Desktop install. Switching entirely to PolicyKit would be the primary goal.
Blueprint information
- Status:
- Not started
- Approver:
- Rick Clark
- Priority:
- Undefined
- Drafter:
- Kees Cook
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- Discussion
- Series goal:
- None
- Implementation:
-
Unknown
- Milestone target:
- None
- Started by
- Completed by
Related bugs
Whiteboard
* Reasons for getting sudo out of Desktop
* Central place to configure authorizations (PolicyKit)
* no graphical applications should ever run as root
* sudo is all or nothing in some environments, which means regular people may not be able to do privileged needed actions
* Identify remaining default tools using sudo/gksudo
* apport
* synaptic, gdebi, update-notifier, apturl
-> And what about terminal stuff? sudo cp, ln.. should work, or would it require full root access?
* Deprecation Plans
* State of packaging
* packagekit (backend as root, frontend not)
* need to pass ENV variables to gui frontend which runs as root
* gksu/policykit
* talks to dbus service and says 'run this as root'
* not as trusted as sudo (which is defensive and has many checks)
* unstable
* could be adjusted to have whitelisted commands
* needs to be a one-time allowed action
* packages (like synaptic) will declare themselves for whitelisting in some
manner
* future dbus functionality to pass pty fd over dbus to vte terminal
* policykit frontend not attractive
* removing sudo package from default install?
* users don't want to use synaptic to install sudo
* lots of people are used to sudo being there
* copy/paste of sudo commands is wide-spread
* removing sudo means there is one less avenue of attack
* if X doesn't come up, it is harder to fix stuff
* remove/rename admin group from /etc/sudoers (so user has to add a group
via policykit aware application, ...)
091017: Here is a more detailed and up to date list of packages depending on gksu. Not that many dependencies left in main.
The ones depending on gksu in the default installation is apturl, gdebi, gnome-codec-
depends
∘ multiverse
‣ controlaula
‣ lubuntu-desktop
‣ mythtv-backend
‣ mythtv-frontend
∘ main
‣ apturl
‣ gdebi
‣ gnome-app-install
‣ gnome-codec-install
‣ gnome-utils
‣ gparted
‣ libgksu2-0
‣ nautilus-gksu
‣ network-
‣ sabayon
‣ synaptic
‣ software-
‣ update-notifier
∘ universe
‣ aptlinex
‣ aptoncd
‣ brdesktop-gnome
‣ ettercap-gtk
‣ foomatic-gui
‣ galternatives
‣ gapti
‣ gdecrypt
‣ gexec
‣ gkdebconf
‣ gnome-desktop-
‣ gnome-netstatus
‣ gpppon
‣ gufw
‣ hplip-gui
‣ kleansweep
‣ live-magic
‣ macchanger-gtk
‣ menu
‣ mythbuntu-
‣ network-config
‣ pcmanfm
‣ pcmanfm-nohal
‣ pysdm
‣ update-
‣ usb-imagewriter
‣ ẅicd
‣ xnetcardconfig
‣ zenmap
• False depends?
∘ checkbox-gtk
∘ update-manager
• Fixed
∘ gdm
∘ kvpnc
∘ mythbuntu-
∘ usb-creator
• Removed
∘ gnome-apt
090724 Olof
1. Is this dependancy valid for checkbox-gtk? I ran the program as a normal user and did some grepping in the source code and couldn't find any references to gksu. If I'm wrong, could someone point out the relevant code?
2. Is there any interest in porting software-
