[Share Experiences] Running Commands with Root Privileges Without Entering a Password
Experiences and Insight 425 views · 0 replies ·
SuperDavid
deepin
2024-07-24 15:25
Author
[Experience Sharing] Running Commands with Root Privileges Without Entering a Password (sudo and pkexec)
Typically, to run commands with root privileges, you can use sudo and pkexec.
To skip the password entry step, you need to configure them separately.
sudo can manage users uniformly, while pkexec can be configured for each command, and it supports graphical interface authorization.
Configuring sudo
You can edit the sudo configuration file using the command sudo visudo.
Add the following line at the end of the file:
maicss ALL=(ALL:ALL) NOPASSWD:ALL
Make sure to add it at the end (after the %sudo line), otherwise it won't be effective.
After saving, the user maicss will not be prompted for a password when using sudo.
Configuring pkexec
The policy files for pkexec are stored in /usr/share/polkit-1/actions/. To modify the policy for a specific program, you need to add a policy file (you can copy an existing one and modify it).
Setting the Prompt Message
(Here, I am demonstrating on Fedora, using the dnf command as an example. You can configure and modify it according to your needs.)
To set the prompt message for the dnf command, create a new configuration file named org.maicss.dnf.policy. The name should ideally match the corresponding program ID, but you can name it anything, as long as it has a .policy extension.
[Experience Sharing] Running Commands with Root Privileges Without Entering a Password (sudo and pkexec)
Typically, to run commands with root privileges, you can use
sudo
andpkexec
.To skip the password entry step, you need to configure them separately.
sudo
can manage users uniformly, whilepkexec
can be configured for each command, and it supports graphical interface authorization.Configuring sudo
You can edit the sudo configuration file using the command
sudo visudo
.Add the following line at the end of the file:
maicss ALL=(ALL:ALL) NOPASSWD:ALL
Make sure to add it at the end (after the
%sudo
line), otherwise it won't be effective.After saving, the user
maicss
will not be prompted for a password when usingsudo
.Configuring pkexec
The policy files for
pkexec
are stored in/usr/share/polkit-1/actions/
. To modify the policy for a specific program, you need to add a policy file (you can copy an existing one and modify it).Setting the Prompt Message
(Here, I am demonstrating on Fedora, using the
dnf
command as an example. You can configure and modify it according to your needs.)To set the prompt message for the
dnf
command, create a new configuration file namedorg.maicss.dnf.policy
. The name should ideally match the corresponding program ID, but you can name it anything, as long as it has a.policy
extension."
http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
Dnf Package Manager
x-package-repository
Root privileges are required to use the package managerRoot privileges are required to use the dnf command for package management
auth_admin
auth_admin
auth_admin
/usr/bin/dnf
true
Explanation of some important lines:
whereis
command to find the path if it's a command.Setting No Password Requirement
To set it so that no password is required, modify lines 11-13 in the code above to
yes
, as shown below:"
http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
Dnf Package Manager
x-package-repository
Root privileges are required to use the package managerRoot privileges are required to use the dnf command for package management
yes
yes
yes
/usr/bin/dnf
true
Now, using the command
pkexec dnf update
will not prompt for a password and will run directly.