I have a GUI application that needs to call a daemon (written in Python) with superuser privileges. I would like to do this without prompting the user for a password.
Since the daemon is a script, I can't set the SUID bit directly. I could write a C wrapper for this, but I'd rather not reinvent the wheel, especially when a mistake on my part could lead to the system's security being severely compromised.
What I'd normally do in this situation is to add a line in /etc/sudoers
that allows users to execute the daemon as root without a password, using the NOPASSWD directive. This works fine from the command line. However, when I do this from the GUI, a pkexec
dialog pops up asking for the user's password. It seems that on Ubuntu, calls to sudo
from the GUI are somehow being intercepted by pkexec
.
Is there a clean way around this? I'd really rather not have to deal with the hassles of a setuid script.
sudo somecommand
, the dialog box that pops up is apkexec
password dialog, regardless of whether there is a sudoers policy allowing the execution of the program. – Chinmay Kanchi Dec 10 '13 at 8:20