no i dont realize that, so where should that line be instead? after the defaults env_keep = line?
The main thing i am getting from this is that for graphical stuff, there is no real way to do this, Adding the DISPLAY XAUTHORITY line did not seem to do anything for me.
No, it does work, but your configuration has:
So the second overwrites the first.
Instead, use:
Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER DISPLAY XAUTHORITY"
And it should work fine. Just remove the Defaults env_keep += "DISPLAY XAUTHORITY" line (it looks like you have those two values at the end of the Defaults env_keep = line.)
The thing there isnât really a solution for is a GUI-based prompt for the password. I did a little digging, and kdesudo and gksudo are both deprecated - they werenât updated to work with the current KDE Plasma/GNOME3 toolkits.
Right, I made the change in my sudoers file, That works fine. The issue at this point is the fact that i would also prefer to have the graphical part working and it doesnât. The part where you are mentioning the Gui based prompt is the current issue where it is sounding like there isnât a solution.
Right, just for the password entry. You might be able to whack something together using zenity or the QT equivalent, but it might expose passwords in ways you wouldnât really want to.
The other examples I found involved using pkexec, but that doesnât use the sudoers configuration at all.
Hereâs a thought (not sure of the security implications of it) - there is functionality in sudo to use a password helper app.
So you could do something like create a shell script (say itâs /usr/bin/askpass.sh):
#!/bin/bash
zenity --password
Then set an environment variable in the user environment:
SUDO_ASKPASS="/usr/bin/askpass.sh"
Then when you run sudo, use:
sudo -A ls
This will cause askpass.sh to be called and the password to be asked for by zenity. What zenity does is respond with the password as a string, and then it will pick that up. I canât find a way to default to using -A - so that would have to be specified (you could alias âsudoâ to âsudo -Aâ).
Another option that Iâve found is a one-liner:
echo $(zenity --password --title="Enter sudo password") | sudo -S [your command]
This also seems to work, but doesnât understand when sudo is in its time period where a password isnât required after having entered it, whereas the SUDO_ASKPASS method should understand that.