5

In the old days of CentOS 5 i had an application that run as another user. I created a .desktop file which run a command that looked like this:

gksu -u anotheruser someapplication

When the user clicked the icon a popup asked for the password of "anotheruser" and when the password was correct "someapplication" started.

Now in the modern days of CentOS 7 i can't find a replacment for this behaviour. I tried beesu:

beesu -l -P someapplication anotheruser

but it is asking me for the root password instead of "anotheruser" password.

I also tried pkexec:

pkexec --user anotheruser someapplication

With the same result.

Both methods also have problems finding the correct display variable:

Failed to parse arguments: Cannot open display:

Any help will be appreciated.

Thank you.

thanasisp
  • 7,802
  • 2
  • 26
  • 39
user1403360
  • 2,000
  • 1
  • 12
  • 11
  • I have seen this question, but i still have the first part of the problem. How to run as nonroot user without typing the root password. I don't want to give the root password to the user. – user1403360 Nov 30 '15 at 13:14
  • Further explanation: Let's say i have 3 users on the machine: user1, user2 and root. I want that user1 has the possibility to run an application as user2. When he clicks the icon user1 should be asked for the password of user2 and not the password of user1 or root. – user1403360 Dec 01 '15 at 07:13
  • Now i found kdesu which for now seems to be a drop-in replacment for gksu – user1403360 May 20 '16 at 12:50
  • Try pkexec which will promote you native polkit agent to authenticate – 炸鱼薯条德里克 Sep 12 '19 at 12:04

1 Answers1

0

Try using sudo with an alternate user and root password in a terminal:

sudo -u USER COMMAND

If the display works correctly, you can setup sudo (in the sudoers file via visudo) to use the target user's password:

targetpw If set, sudo will prompt for the password of the user specified by the -u option (defaults to root) instead of the password of the invoking user when running a command or editing a file.

From there just build the command to launch with in an xterm.

I just remembered, I used gksudo briefly when first trying Ubuntu, is that maybe what you are thinking of?

Zak
  • 146
  • 5
  • Unfortunately, this is not going to help. The key point is that `gksu` will present a graphical password dialog, whereas `su`/`sudo` will want to read the password from the console, which is unavailable in the desktop-launcher scenario described here. Also, `gksudo` is basically part of the same software package, so if one isn't available, neither is the other. – AdminBee May 19 '22 at 14:53
  • @AdminBee I believe you could use `visudo` to configure passwordless usage for a specific user/binary combination. see https://askubuntu.com/questions/159007/how-do-i-run-specific-sudo-commands-without-a-password – Zak May 19 '22 at 15:17
  • Also just realized that in the original answer I also mentioned to wrap launch in an xterm, therefore allowing the password to be typed. – Zak May 19 '22 at 15:22
  • ....also you'll need additional mojo to copy the Xauthority data unless you do something dumb like `xhost +localhost` – symcbean Jul 12 '23 at 11:33