Hope this is in the right place and I apologize in advance if it is not.
Many people would like not to have to open a terminal or have more granular control over permitions that can be achieved using PAM permissions(read the man pages for PAM for more information) and the consolehelper.
The sources for this comes from
Red Hat manuals
Say we want to have gedit ask for a root pasword so we do the fallowing.
- Step 1 - Open a terminal. (Applications -> System Tools -> Terminal)
- Step 2 - Become root:
- Step 3 - Create a symlink in /usr/sbin/
Code:
cd /usr/bin
ln -s consolehelper gedit-root
- Step 4 - Create a PAM configuration file in
/etc/pam.d/foo:
# Open an editor you like (vi, nano, gedit) create a file with this inside:
#%PAM-1.0
auth [success=done ignore=ignore default=bad] pam_selinux_permit.so
session include system-auth
auth include system-auth
auth optional pam_gnome_keyring.so
account include system-auth
password include system-auth
Save it to
/etc/pam.d/ with the name of your symlink in this case
gedit-root
ps: Those permissions were copied from the
/etc/pam.d/gnome-screensaver file if you are curious about where I got those permitiions, but you can also read the man pages and do some interisting things with PAM permissions like limit resources to users, limit access and a lot more limiting. It is better then just using su -, you can even limit memory usage!
- Step 5 - Create a description to PAM in
/etc/security/console.apps/foo:
With your preferred text editor paste this:
USER=root
PROGRAM=/usr/bin/gedit
SESSION=true
FALLBACK=false
IMPORTANT!
Please note that in the PROGRAM part the file called is gedit not gedit-root.
Name the file
gedit-root and save it in
/etc/security/console.apps/
- Step 6 - Create a Desktop descriptor in
/usr/share/applications/foo.desktop so you can see it on the applications menu:
With your preferred text editor paste thiis:
[Desktop Entry]
Encoding=UTF-8
Name=gedit-root
GenericName=Text Editor Root
StartupNotify=true
MimeType=text/plain;
Categories=Application;System;X-Red-Hat-Base
Comment=Launches Gedit As Root
Icon=password.png
Exec=/usr/bin/gedit-root
Terminal=false
Type=Application
StartupNotify=true
MimeType=text/plain;
Icon=accessories-text-editor
Categories=GNOME;GTK;Utility;TextEditor;
X-GNOME-DocPath=gedit/gedit.xml
X-GNOME-FullName=gedit-root Text Editor
X-GNOME-Bugzilla-Bugzilla=GNOME
X-GNOME-Bugzilla-Product=gedit
X-GNOME-Bugzilla-Component=general
X-GNOME-Bugzilla-Version=2.28.3
X-GNOME-Bugzilla-ExtraInfoScript=/usr/libexec/gedit-2/gedit-bugreport.sh
X-Desktop-File-Install-Version=0.15
Name it
gedit-root.desktop and save it to
/usr/share/applications/ and you are done. Now when you need to edit your config files you can just click on the gedit-root and it will open gedit as root.
ps: I took this configurations from the original gedit.desktop file and edited a little.
You can now make programs ask for permissions like nautilus when you want to navigate through root owned folders, you can make the nvidia settings start as root and you can now using the PAM file describe what can be done or not.
Linear Mode
