I found a (lengthy) guide to doing this but it is for gksu which is gone. I have to imagine there's an easy way. I am running Ubuntu. There is no specific use case, it is just a feature I miss from windows.
EDIT: I always expect a degree of hostility and talking-down from the desktop Linux community, but the number of people in this thread telling me I am using my own computer that I bought with my own money in a way they don't prefer while ignoring my question is just absurd and frankly should be deeply embarrassing for all of us. I have strongly defended the desktop Linux community for decades, but this experience has left a sour taste in my mouth.
Thank you to the few of you who tried to assist without judgement or assumptions.
It's not attitude they are giving you. It's strong recommendation. It's the strong recommendation of the entire Linux community.
Sudo is different than run as admin and is not intended to be used to do things the way Windows does them.
pkexec
instead of sudo, you can add it to the .desktop file and when you launch the application it'll give you a GUI authentication prompt.sudo
normally (in xorg at least). And only those explicitly allowed to be run with pkexec
by maintainers will do. Of course it is possible to evade this restriction, but you definitely should not.pkexec
leverages PAM & Polkit and is intended for GUIs.$DISPLAY
environment variable. It's a correct behavior of sudo because running x11 apps with root permission you create a security hole.gksu, kdesu, sux, & polkit. All of which are privilege elevation frameworks that can securely obtain the required privileges without running GUI applications directly as root. Granted you may need to configure PAM & Polkit's policies to make them more secure. \
The problem with sudo is that it runs the entire GUI application as Root; at least by default behavior. These frameworks are the proper way.
BleachBit is a cross-platform disk space cleaner that was based on Python, PyGTK, & GTK2 and then later ported to Python 3 & GTK3. BleachBit on Linux never prompts the user for authentication for operations requiring elevated privileges, it just fails with "permission denied". Inturn you can use sudo
, or the by far more recommended and safer option gksudo
/gksu
& pkexec
. In this case, a user can 100% make the mistake of using sudo, and while it's not inherently problematic for this specific case, as we've already discussed it's still risky.
gksu
and kdesu
are unsupported for >10 years iirc, they were not more secure than sudo
and that's one of the reasons they were abandoned. I've never heard about sux
. Polkit is a bit another thing that indeed replaced them, however it does not and can not separate GUI and non-GUI processes. The process itself has to fork, drop privileges and draw a GUI after that. There's no difference between running it via sudo
or pkexec
, however polkit provide additional protections to prevent running unsafe apps with elevated privileges.
PAM and GVFS are not "privilege elevation frameworks" whatever you mean by this.
AFAIK the newer Ubuntu gksu equivalent is pkexec, if that helps.
You could cooy all system .desktop files to your home dir and automatically edit them with a script that adds an action to run them with pkexec or sudo as root. However, most GUI apps shpuld never be run as root, because they can break the system. For example, they may create hidden thumbnail files owned by root and break thumbnails in all apps not running as root that way
something like this? creating custom context menu options
Use Nautilus-Actions to easily and graphically create custom context menu options for Ubuntu’s Nautilus file manager.How-To Geek
pkexec
a command used to execute commands with elevated privileges, leverages both PAM (Pluggable Authentication Modules) and Polkit to authenticate the user and authorize the requested action.There's programs like kdesu which you can use. Idk if you can (or should) hack a context menu for a run-as-root option on everything. But you can make aliases or specifically application menu items for the specific apps you want to use.
https://superuser.com/questions/135311/sudo-access-for-desktop-actions-in-gnome-kde#135325
I feel kinda silly asking this question. I'm using CentOS 5.4 and KDE. I downloaded an archive and I want to drag/drop the contents into a folder that I need root access to write to. I can obvious...Super User
pkexec %f
. Other FM have similiar functionality.Sudo is "su do", i.e. "run as root", so it's funny to hear run as sudo because it means "run as run as root", like "chai tea" or "ATM machine".
To your question the answer is "why?". You shouldn't need that, that's one of the hardest things to get rid of, the "Windows mentality", it's like when people ask how to install a .tar.gz they downloaded from the internet, the answer is most likely "you don't need that".
This leads to an XY problem, where you're asking how to solve problem Y but that is caused by you assuming you need to do X, when in fact you don't. The main clue is that people keep asking you why do you want to do this. So, what exactly is the problem you're trying to solve? Why do you think you need this?
Sudo is “su do”, i.e. “run as root”
It may default to root but it doesn't mean run as root. Su means substitute user identity i.e. any other user (if you have the rights to it).
su
and sudo
originally meant "superuser" because that was their only use. They have retroactively been changed to "switch user" because this functionality was added later.Yes there is, you're asking how to add a menu entry to run things with sudo, and refuse to answer why you want to do it, what's your use case? What graphical application do you need to run with sudo and why?
I'm almost sure I know why, and your refusal to answer this even though it's been asked multiple times seems fishy. Like it was explained multiple times there's a 99% chance that you don't need it, and there is a package for the remaining 1% or you could do it manually like others have suggested. But until we know your use case we can't help you, so while you keep refusing to explain what is it that you're actually trying to accomplish and why do you feel you need it it will be impossible for anyone to help you.
I have had to un-teach dumb things that people learn from Windows.
A menu item to run a GUI program as root it is indeed a rather absurd scenario. It suggests that you want to violate the admin/user barrier which is intended to be difficult to surpass except in certain circumstances.
There can be a lot of things under the hood that are necessary to run a GUI program as root depending on whether you're using X11 or Wayland or something more esoteric. It's doable though.
But instead of doing that, why not just learn how to use the command line? Every administrative task can be done via the command line, but not every administrative task has a GUI counterpart. So you're going to need to learn to use the command line sooner or later.
OP asks a relatively simple question, and gets scolded as it committed murder.
For all we know OP is the only user and is just playing with Linux, and just wants a simple (probably unnecessary) shortcut because he's GUI oriented.
This is kind of someone asking how to open their lunchbox easier, and get treated like they are giving a copy of their house keys to everyone in town.
Chill... Not everyone is running a maximum security level server. If OP screws their system (like most of us do at some point), I'm sure a fresh re-install would be enough for them.
I think you can run like this:
$ pkexec env DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY <yourapp>
For example, if I wanna open kgx
(a.k.a. Gnome Console), I would run:
pkexec env DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY kgx
sudo gparted
works just fineWhat's the use case? What are you running into that you want to launch as sudo through the gui that isn't pulling up the dialogue automatically?
A few folks have argued this is unnecessary, but I'm curious about your perspective on why and when you think it would be useful
What are you running into that you want to launch as sudo through the gui that isn’t pulling up the dialogue automatically?
Almost anything. The first thing I tried to do was delete a file off of a network share. Also, editing the name of a file copied from a network share. Also, editing text files. It has been a frequent headache. I am not afraid of the command line, I just don't prefer it every time.
That was also my take. If it's something you should be able to edit, your user should have permissions to do that. Jumping to running as root every time has lots of unintended consequences.
I do think a functionally similar idea would be a button to "take ownership" (grant r/w/d) of a file that would prompt for root password. That way things don't run as root that shouldn't. Would that be a good compromise between Linux permissions and Windows workflow?
Regarding formatting a drive, whatever program you are doing that in should ask for root p/w when performing that operation. If it just refuses because of permissions that seems like a bug.
Just saw your edit. One thing you should be doing is taking ownership of directories you plan to be working in. So for an external drive for example, you'd want to make sure your user(s) have r/w/x permission recursively (granting permission for all files and folders underneath using the same command) on the root folder of the drive then you can move stuff on and off freely.
I agree it could be more straightforward, but ideally you'd only have to do it one time when you first use the drive with that machine
Emacs can let you edit root files using TRAMP
There's also YaST , but that's an OpenSUSE thing.
What Desktop Environment?
This is very easy in KDE.
See this post where I mentioned how to do this with running Konsole with root.
In general, use polkit instead of sudo, every desktop has a GUI dialog that pops up.
pkexec APPNAME
[Desktop Entry]
Type=Application
Exec=konsole
Icon=utilities-terminal
Categories=System;TerminalEmulator;
Actions=root
Name=Konsole
GenericName=Terminal
Comment="$GenericName"
[Desktop Action root]
Name=root
Icon=folder-root-symbolic
Exec=pkexec konsole
Be aware that nearly no program should be ran as root. Also not Konsole. The program is ran as the user, and can enter a root shell, but never run random apps as root.
To view and change system files in KDE, type admin:/
into the location bar.
Running apps as root doesnt work with Wayland, and for a good reason.
Thanks for this, but I have a question:
Running apps as root doesnt work with Wayland, and for a good reason.
Are you sure about this? I run GUI apps as root all the time and have Wayland.
You are absolutely not. It really bad practice. I can not state that enough.
Practice least privilege
I'm not trying to offend you. I just want to help.
I think the talking down aspect comes from phrases like "you shouldn't be doing X", especially when these statements are made as absolutes, rather than contextualised with actual reasons.
Running GUI programs as root might cause security problems, or it might cause software problems. And while you might find these issues important, others might not.
In my opinion, saying something like "it's not a good idea if you care about security" or "doing so might make your PC burst into flames" gives helpful warnings for OP and future readers without talking down to them by making decisions for them what they should and should not do.
That's not a good idea as root isn't the same as an Administer account. Also, you might want to consider why you are running programs as root. You may have a chicken and the egg problem.
Maybe step back and give us some more context.
Don't know about gnomes default file manager, but dolphin has this ability. You'll have to install the addons and enable it in the context menu however.
To repeat others opinion though, I haven't actually needed this feature outside of very specific situations (that I create myself). Linux operates a bit different and shouldn't need this for anything outside of some poorly made, or potentially malicious apps and scripts. I agree though it's still nice to have the option
I don't know why everyone is getting self-righteous about this. I've used Linux since the mid-90s, and occasionally I find it easier to just run a GUI file manager as root to do some filter and deletions of things in caches and such that need root permission. Hell, I want to edit the files in /etc/wireguard for my tunnels; should I only do this at a sudo prompt in the terminal when I'm perfectly capable of pulling it up in Kate and copypasting stuff in?
Get off your high horses, there's plenty of valid use cases if you're using your head.
Other threads:
You are free to do anything and everything with Linux!
ITT:
YOU CAN'T DO THAT
I'm trying to give my image uploader some kind of rightclick->upload functionality. Currently I use the nautilus-scripts folder, but that puts the menu entry behind an unapparent "Scripts" item. I...Ask Ubuntu
The default, nautilus.
"Run as Adminstrator" in the context menu is a default feature in Windows. It seems odd I'm the first person to want this in Linux.
sudo gedit file directory filename
but it's SO much easier to right-click "open as admin" which is why I asked.That is the 1% I mentioned, and the easiest way is installing this https://github.com/nautilus-extensions/nautilus-admin which I think is in the apt repos, so probably
sudo apt install nautilus-admin
works.But I STRONGLY encourage you NOT to install this, you've already made a mess of permissions on your computer that by your own account caused you many headaches by running graphical programs with sudo without any need.
GitHub - nautilus-extensions/nautilus-admin
GitHubsudo nano
autocomplete file name (tab tab). At least to me that doesn't seem that much more involved and is safer.Otherwise, as others have noted, there are apparently ways of doing what you want, but it is discouraged for good reasons.
Oh my gosh, this is so useful. The lack of an address bar was driving me insane. Thanks.
Then let us address the underlying issue. You should not need root for the majority of tasks and never for desktop usage.
It sounds like something got messed up when you ran a different program as root.
That's not how that should work. You also shouldn't need that in Windows either.
Programs that need Admin rights will ask for it. There are a fee limited cases but most of the time it creates more problems than it solves.
From your comments I've read it sounds like there is more to this story. Can you share what you are trying to do? On gnome gnome disks can run fine under the user. It will elevate when it needs to and it is designed with least privilege.
For file shares root is pretty much meaningless in most contexts. If you don't have access you don't have access as authentication is handled server side. If you setup a automatic mount check your mount options as you can set it to be owned by the local user. Also if you mounted the share in a graphical file utility such as nautilus it will be mounted for the local user so you will not need root.
Root should be used very sparingly. It is not the same as Admin on Windows. It is almost equivalent to the SYSTEM user on Windows.