[blfs-book] r12399 - in trunk/BOOK: introduction/welcome xsoft/other

[fernando]

Author: fernando
Date: Sun Dec 15 10:16:12 2013
New Revision: 12399

Log:
Gparted from a menu: 'ssh-askpass' and 'pkexec'.

Modified:
   trunk/BOOK/introduction/welcome/changelog.xml
   trunk/BOOK/xsoft/other/gparted.xml

Modified: trunk/BOOK/introduction/welcome/changelog.xml
==============================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml       Sun Dec 15 09:15:39 
2013        (r12398)
+++ trunk/BOOK/introduction/welcome/changelog.xml       Sun Dec 15 10:16:12 
2013        (r12399)
@@ -47,6 +47,10 @@
       <para>December 15th, 2013</para>
       <itemizedlist>
         <listitem>
+          <para>[fernando] - Gparted from a menu: "ssh-askpass" and "pkexec".
+          Fixes <ulink url="&blfs-ticket-root;4454">#4454</ulink>.</para>
+        </listitem>
+        <listitem>
           <para>[igor] - Update to libisoburn-1.3.4. Fixes
           <ulink url="&blfs-ticket-root;4451">#4451</ulink>.</para>
         </listitem>

Modified: trunk/BOOK/xsoft/other/gparted.xml
==============================================================================
--- trunk/BOOK/xsoft/other/gparted.xml  Sun Dec 15 09:15:39 2013        (r12398)
+++ trunk/BOOK/xsoft/other/gparted.xml  Sun Dec 15 10:16:12 2013        (r12399)
@@ -159,15 +159,127 @@
       Root privileges are required to run Gparted. If you wish to run the
       application from the menu, further applications and configurations are
       necessary. Examples of applications that may be used:
-      <ulink url="http://people.debian.org/~kov/gksu";>gksu and gksudo</ulink>,
+      <ulink url="http://people.debian.org/~kov/gksu";>gksu</ulink>,
       <ulink url="https://launchpad.net/kdesudo";>kdesudo</ulink>, or
       <ulink url="https://github.com/tarakbumba/xdg-su";>xdg-su</ulink>.
+      Other solution is to use <application>pkexec</application>, from
+      <xref linkend="polkit"/>, but some configuration is necessary.
       Another simple solution is the <application>GTK+</application> based
-      <application>gnome-ssh-askpass2</application> (does not need
-      <application>GNOME</application>) that comes with
-      <xref linkend="openssh"/>, under the
-      <filename class="directory">contrib</filename> directory in the source.
+      <application>ssh-askpass</application> (does not need
+      <application>GNOME</application>). Below, we describe these two
+      alternatives: "ssh-askpass" and "pkexec".
     </para>
+
+    <sect3 role="ssh-askpass">
+      <title>ssh-askpass</title>
+        <para>
+          To optionally use <application>ssh-askpass</application>, you need
+          <xref linkend="sudo"/> and <xref linkend="openssh"/> to be installed.
+          Uncompress the <xref linkend="openssh"/> tarball and, inside the
+          source directory, install <application>ssh-askpass</application> by
+          running the following commands:
+        </para>
+
+<screen><userinput>cd contrib &amp;&amp;
+make gnome-ssh-askpass2</userinput></screen>
+
+        <para>
+          Now, as the <systemitem class="username">root</systemitem> user:
+        </para>
+
+<screen role="root"><userinput>install -v -d -m755                  
/usr/lib/openssh/contrib     &amp;&amp;
+install -v -m755  gnome-ssh-askpass2 /usr/lib/openssh/contrib     &amp;&amp;
+ln -sv -f contrib/gnome-ssh-askpass2 
/usr/lib/openssh/ssh-askpass</userinput></screen>
+
+        <para>
+          Still as the <systemitem class="username">root</systemitem> user,
+          configure <xref linkend="gparted"/> and <xref linkend="sudo"/> to
+          use <application>ssh-askpass</application>:
+        </para>
+
+<screen role="root"><userinput>cp -v /usr/share/applications/gparted.desktop 
/usr/share/applications/gparted.desktop.back &amp;&amp;
+sed -i 's/Exec=/Exec=sudo -A /'               
/usr/share/applications/gparted.desktop      &amp;&amp;
+
+cat &gt;&gt; /etc/sudo.conf &lt;&lt; "EOF" &amp;&amp;
+# Path to askpass helper program
+Path askpass /usr/lib/openssh/ssh-askpass
+EOF
+chmod -v 0644 /etc/sudo.conf</userinput></screen>
+
+        <para>
+         Now, clicking in the menu item for Gparted, a dialog appears in the
+         screen, asking for the administrator password. Any graphical program
+         requiring root privileges can be run using "sudo -A &lt;program&gt;",
+         e.g. from a terminal, from a desktop launcher, or including it in the
+         desktop file.
+        </para>
+
+    </sect3>
+
+    <sect3 role="pkexec">
+      <title>pkexec</title>
+        <para>
+          To optionally use <application>pkexec</application>, you need
+          <xref linkend="polkit-gnome"/> or <xref linkend="lxpolkit"/>, and
+          <xref linkend="consolekit"/> installed with support to
+          <xref linkend="linux-pam"/> and <xref linkend="polkit"/>.
+          As the <systemitem class="username">root</systemitem> user,
+          configure <xref linkend="gparted"/> and <xref linkend="polkit"/> with
+          the following commands:
+        </para>
+
+<screen role="root"><userinput>cp -v /usr/share/applications/gparted.desktop 
/usr/share/applications/gparted.desktop.back &amp;&amp;
+sed -i 's:/usr/sbin/gparted:/usr/sbin/gparted_polkit' 
/usr/share/applications/gparted.desktop &amp;&amp;
+
+cat &gt; /usr/sbin/gparted_polkit &lt;&lt; "EOF" &amp;&amp;
+#!/bin/bash
+if [ $(which pkexec) ]; then
+    pkexec --disable-internal-agent "/usr/sbin/gparted" "$@"
+else
+    /usr/sbin/gparted "$@"
+fi
+EOF
+chmod -v 0755 /usr/sbin/gparted_polkit</userinput></screen>
+
+        <para>
+          Still as the <systemitem class="username">root</systemitem> user,
+          configure <xref linkend="polkit"/> and <xref linkend="gparted"/> to
+          use <application>pkexec</application>:
+        </para>
+
+<screen role="root"><userinput>cat &gt; 
/usr/share/polkit-1/actions/org.freedesktop.policykit.pkexec.policy &lt;&lt; 
"EOF"
+&lt;?xml version="1.0" encoding="UTF-8"?&gt;
+&lt;!DOCTYPE policyconfig PUBLIC
+ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"&gt;
+&lt;policyconfig&gt;
+
+  &lt;action id="org.freedesktop.policykit.pkexec.run-gparted"&gt;
+    &lt;description&gt;Run GParted&lt;/description&gt;
+    &lt;message&gt;Authentication is required to run GParted&lt;/message&gt;
+    &lt;defaults&gt;
+      &lt;allow_any&gt;no&lt;/allow_any&gt;
+      &lt;allow_inactive&gt;no&lt;/allow_inactive&gt;
+      &lt;allow_active&gt;auth_admin_keep&lt;/allow_active&gt;
+    &lt;/defaults&gt;
+    &lt;annotate 
key="org.freedesktop.policykit.exec.path"&gt;/usr/sbin/gparted&lt;/annotate&gt;
+    &lt;annotate 
key="org.freedesktop.policykit.exec.allow_gui"&gt;true&lt;/annotate&gt;
+  &lt;/action&gt;
+
+&lt;/policyconfig&gt;
+EOF
+chmod -v 0644 
/usr/share/polkit-1/actions/org.freedesktop.policykit.pkexec.policy</userinput></screen>
+
+        <para>
+         Now, clicking in the menu item for Gparted, a dialog appears in the
+         screen, asking for the administrator password. Any graphical program
+         requiring root privileges can be run using "pkexec &lt;program&gt;",
+         e.g. from a terminal, from a desktop launcher, or including it in the
+         desktop file.
+        </para>
+
+    </sect3>
+
   </sect2>
 
   <sect2 role="content">
-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page