Bugzilla – Bug 267399
kdesu does not care about /etc/sudoers
Last modified: 2009-03-02 19:51:31 UTC
Not only sudo but also kdesu should take care about the /etc/sudoers file. This will be especially useful when performing online updates via SuseUpdater. An entry for "/sbin/yast2 online_update" should also relieve from typing the root pwd when using the graphical frontend rather than the text interface. This will of course also be possible if SuseUpdater tried a sudo before invoking kdesu, which would however pose a specific and therefore less desirable solution. At the moment something seems to be completely messed with kdesu in OpenSuse10.2, because it does not even accept correctly typed passwords like su does!
kdesu uses sudo with 10.2. there was a bug with yast that it messed up sudoers. please attach /etc/sudoers and describe as which user you're logged in and typing the password of which user. thanks.
ping
see comment #1
> tail -n 1 /etc/sudoers elm ALL = (root) NOPASSWD: /sbin/ifconfig , ... logged in as elm; 'kdesu ifconfig' -> password box 'sudo ifconfig' -> immediate exec A resolution will be highly valuable since appropriate changes to the OpenSuse-Updater are on the way (Bug #346976).
okay, but you can start with kdesu just fine, right, except that it asks for a password? so the request is: do not show the password prompt if sudo would allow without password?
Yip; Exactly - nothing more than this!
Yep!
I agree about that. probably in the 11.0 timeframe.
Are you going to work on this? If not, then please do not play with priorities of those who do. And kdesu no longer uses sudo, so this is now void.
Lubos, you can believe me, if I only had the opprotunity, I would implement all of it - all of the kwin and kdesu bugs/enhancements. Unfortunately I am deerly required to work on something else at the moment. The reason why I have assigned a priority to that simply is because another request, that one for the SuseUpdater, which is by itself already resolved, depends on it. Perhaps it is not the task of the people from KDE to implement this, for it may not be of great concern outside the Suse-project. Nevertheless, my transeunt regards concern those people who have already voluntary invested some or even considerable effort in testing the ZENworks package management frontend(as shipped with 10.1&10.2) and will now, as the next major release namely 10.3 is impendent, have to notice that some of their most liked features simply have disappeared in the consecutive, merely yast based release of the package management frontend to libzypp. Consequently I have lately assigned priorities to all requests concerning potential feature drawbacks in the pkg.mgm.frontend, that may affect the average, engaged user as well as an enhancement(Enh 380292) as a potential candy for the double-testing effort. The OpenSuse project ought to keep and encourage its community of practice (Lubos, you simply wanted me to explicitly state this; that you can confess quiescently.). Thourough testing as well as the provision of an intelligible, concludent set of features, part of which can be provided by the soc.cop., may and will be key issues for the success of a software product. It is not a kudos if the final release of a distro greets with the backtrace of the screensaver, as was the case for Su10.3/kde. As long as no one is against it I will continue to assign priorities(at least up to the level of three) if I believe that a request is of increased importance to the OpenSuse-project, simply because that feature has been activated for me; - and a vote for those which I would appreciate to become resolved in regard to my own flavour and purpose.
Priorities are for people working on bugreports. And what features specifically should now disappear? I don't see any regressions.
Elmar?
I can confirm that in 10.3 kdesu was honoring sudoers, while it changed in 11.0 (kde 3.5), and it aways requires root password. sudo works as expected (asks for user's password). I'd highly appreciate if the old (10.3) behavior is back. Thanks
*** This bug has been marked as a duplicate of bug 400903 ***
Still an issue! # tail -1 /etc/sudoers elm ALL = (root) NOPASSWD: /sbin/yast2 inst_source > kdesu /sbin/yast2 inst_source prompts for password (as invoked by a shell or opensuseupdater-kde) while > sudo /sbin/yast2 inst_source is executed immediately
.
Very important and still not resolved; if not made available by a patch for the mainline distro it should at least be provided for Latest_KDE_3_environment_for_released_SUSE_distributions.
Another KDE program, namely kdesudo at kde-apps.org now exactly provides the desired functionality: http://kde-apps.org/content/show.php/KdeSudo?content=72106