[kde-linux] KDESU again
James Tyrer
jrtyrer at earthlink.net
Fri Dec 23 00:09:07 UTC 2011
On 12/22/2011 05:04 PM, James Tyrer wrote:
> On 12/21/2011 05:12 PM, Duncan wrote:
>> James Tyrer posted on Wed, 21 Dec 2011 15:36:40 -0700 as excerpted:
>>
>>> Some time ago, I posted:
>>>
>>> "When I run KDESU from a Konsole, I get this message:
>>>
>>> startApp: Daemon not safe (not sgid), not using it
>>>
>>> Is there some file that needs the permissions changed?"
>>>
>>> It was posted to LFS that it is: "kdesud" that needs the permissions
>>> changed -- SGID set.
>>>
>>> Also note that for security reasons that the group should be changed
>>> from "root" to "nobody".
>>
>> FWIW, I can confirm here on gentoo, /usr/lib64/kde4/libexec/kdesud is
>> part of the kdesu package (4.7.90 installed), and that it's setGID, owner
>> root, group "nogroup" (probably "nobody" on LFS).
>>
>> I don't see any special set* treatment in the ebuild, so it would appear
>> to be set by the build process from upstream (kde).
>>
>> But my normal/kde user is locked out of things like su, and thus kdesu,
>> so I can't confirm whether it actually works or not.
>>
> IIUC, some distros name the private group for the user: "nobody" as
> "nogroup" rather than also calling it: "nobody". No real difference
> since it is still 99. So, I renamed it.
>
> There does appears to be an issue since it is not installed this way
> when you build from source.
>
Note that you should be able to tell if it is working correctly if the
KDESU dialog window shows the: "Remember Password" box to check.
--
James Tyrer
Linux (mostly) From Scratch
More information about the kde-linux
mailing list