Hope this is in the right place and I apologize in advance if it is not.
Many people would like not to have to open a terminal or have more granular control over permitions that can be achieved using PAM permissions(read the man pages for PAM for more information) and the consolehelper.
The sources for this comes from Red Hat manuals
Say we want to have gedit ask for a root pasword so we do the fallowing.
- Step 1 - Open a terminal. (Applications -> System Tools -> Terminal)
- Step 2 - Become root:
- Step 3 - Create a symlink in /usr/sbin/
ln -s consolehelper gedit-root
- Step 4 - Create a PAM configuration file in /etc/pam.d/foo
# Open an editor you like (vi, nano, gedit) create a file with this inside:
auth [success=done ignore=ignore default=bad] pam_selinux_permit.so
session include system-auth
auth include system-auth
auth optional pam_gnome_keyring.so
account include system-auth
password include system-auth
Save it to /etc/pam.d/
with the name of your symlink in this case gedit-root
ps: Those permissions were copied from the /etc/pam.d/gnome-screensaver
file if you are curious about where I got those permitiions, but you can also read the man pages and do some interisting things with PAM permissions like limit resources to users, limit access and a lot more limiting. It is better then just using su -, you can even limit memory usage!
- Step 5 - Create a description to PAM in /etc/security/console.apps/foo
With your preferred text editor paste this:
Please note that in the PROGRAM part the file called is gedit not gedit-root.
Name the file gedit-root
and save it in /etc/security/console.apps/
- Step 6 - Create a Desktop descriptor in /usr/share/applications/foo.desktop
so you can see it on the applications menu:
With your preferred text editor paste thiis:
GenericName=Text Editor Root
Comment=Launches Gedit As Root
X-GNOME-FullName=gedit-root Text Editor
Name it gedit-root.desktop
and save it to /usr/share/applications/
and you are done. Now when you need to edit your config files you can just click on the gedit-root and it will open gedit as root.
ps: I took this configurations from the original gedit.desktop file and edited a little.
You can now make programs ask for permissions like nautilus when you want to navigate through root owned folders, you can make the nvidia settings start as root and you can now using the PAM file describe what can be done or not.