1

With portable i mean an application that can be used for example for an USB drive, and don't require to 'touch' the OS file-system for run.

Under Windows, I can distribute a .zip -> .exe -> .manifest file with "requestedExecutionLevel" xml tag. Portable and request password via UAC graphically.

Under macOS, I can distribute a .tar.gz > .App -> key in info.plist. Portable and request password graphically.

Under Linux?

The correct procedure is a /usr/share/polkit-1/actions policy file and execute a binary with pkexec. But it presume an installation to write the policy file (.deb or .rpm for example) and break portability.

We cannot rely on gksu/kdesu/beesu or similar, are deprecated and cannot be installed in recent distro (pkexec it's the recommended way).

We cannot tell (via pkexec command-line args) a local .policy file.

So, it's impossible under Linux to develop a portable application that require root privileges and GUI?

Thanks for any feedback.

Prvt_Yadav
  • 5,732
  • 7
  • 32
  • 48
Clodo
  • 11
  • 1
  • Can't you just provide "``run.sh``" script that checks if ``pkexec`` exists and, if yes, runs ``pkexec --user root ./yourapp`` or runs ``sudo ./yourapp`` otherwise? – user996142 May 07 '18 at 13:24
  • What's wrong with just setting the ownership and mode of the executable? As in, make it owned by root, with mode 0700? – John Bollinger May 07 '18 at 13:59
  • 2
    Alternatively, if you're in control of the program then what about making it check at startup that its effective UID is 0? – John Bollinger May 07 '18 at 14:00
  • pkexec without a specific policy file (that require a specific path of executable to match) have a lots of issue when launcing a UI application. Is the reason about why exists "allow_gui" in polkit policy. – Clodo May 08 '18 at 13:32
  • "sudo ./yourapp" from terminal throw in a lots of distro "Could not open display". As above, the reason about "allow_gui" in polkit policy. – Clodo May 08 '18 at 13:36

0 Answers0