I heard about Fedora not needing a password for yum installs. Reason being that we trust the repos and all that the password is acomplishing is teaching people to type in admin password and hit enter. I also would like to have zypper ref also allowed with no sudo or password. I would like to have the same setup for my family computer so that I don’t have to keep typing the admin password for a simple install in front of my teenagers. Anyone have an idea of where I configure this in OpenSUSE?
Let me start by saying that I have kids too that use my openSUSE boxes, but IMHO what you’re asking for is not a smart thing to do.
The last thing I want is any user on the box to be able to apply updates and install software at will. It’s not the repos I don’t trust, it’s the people doing the installs.
For example, I run the ATI native driver. If a kernel update “happens” to be part of the regular updates activated by a non-suspecting user, the machine won’t start X anymore. By definition, this will happen when I am out of the country for business and now I’m dealing with a screaming household to step them through a driver recompile over the phone. Which forces me to tell them the root password, by the way.
Sorry, that doesn’t help you, but you may want to reconsider if you do find a way…
I don’t want to do a update just zypper in and zypper ref. IMHO I can’t see anything really messing up my box through zypper in byt my kids. This just allows me to tell them type zypper in kopete or pidgin or banshee or gpodder and I’m done. They don’t mess with things and I can not have to type in a password for installs. Updates and especially dup need to be with admin password.
With zypper you can install just about anything including new kernels. This is exactly why windows gets so messed up.
It would be better to be able to install more packages to the users ~/bin rather then to /, then no passwords would be needed the user takes responsibility and only he/she gets messed up when things go wrong. The only reason to install most packages to some root directory is to allow all users access. It can be done but it is not easy. There needed to be an easy way to do this ie point and click. It would still block install of things that really need root access but allow programs that don’t to simply install in the users ~/bin at least as an option.
You can edit the ‘/etc/sudoers’ file, but twelveeighty’s right, that really isn’t a good idea. You should have control of what’s being installed on your system. This kind of thing hoses many Windows machines, with a some kid pushing the buttons to speed things along until whoosh. I’m sure your kids are smart and responsible, but apparently you wouldn’t think about giving them the root password. If you’re trying to make things easier for yourself, realize that it can be a lot harder to fix things if they make a mistake.
That information is slightly off. Fedora 12 came out with the feature of not needing root permission for installing signed packages in the default configuration. However after much protest this default was withdrawn, for pretty much the reasons stated by other posters.
But as chief_sealth wrote, you can edit /etc/sudores to specify commands or users that don’t need password with sudo. Also you can make alias to zypper command so you won’t have to write sudo each time.
I wouldn’t want to do an alias for this but I am wondering why do we have to sudo zypper ref? I can’t think of why it would harm my system. I think it is safe to do a zypper se package but in order to do an effective zypper se you must sudo zypper ref and type in your admin password.
‘zypper ref’ updates/rebuilds the rpm database. Only root has permission to write to this. se simply searches the database, and zypper does not need to write in order to do this, but it might nag you to refresh the repos in doing so.
Ref probably wouldn’t do much harm, but installing software can potentially break dependencies and there is even a risk of installing trojans.