Bug 205957

Summary: Software Update should be able to run use a tool like sudo to authenticate sysadmins.
Product: [Fedora] Fedora Reporter: Chad <email-bugzilla.redhat.com>
Component: pirutAssignee: Ray Strode [halfline] <rstrode>
Status: CLOSED WONTFIX QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 5   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-03-18 18:33:40 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Chad 2006-09-10 19:53:23 UTC 
Description of problem:
Tools such as "applications" -> "system tools" -> "software updater" that
require admin privileges should prompt for a root password.

The prompt should allow either a root password or the user's password or a
username and password.  When a user password is used functionality like that
provided by "sudo" should be used to run the tool.

Version-Release number of selected component (if applicable):
Fedora 5
Gnome 2.14.3

How reproducible:
Select the "software updater" tool from the "Applications" -> "System Tools" menu.

 
Actual results:
Prompted for the root password.

Expected results:
Prompted for the password for the the logged in user.

Additional info:
Many organizations rely on giving their sysadmins sudo on all machines they need
to rather than using an organization-wide root password and making the password
available to all sysadmins.
Comment 1 Ray Strode [halfline] 2008-03-18 18:33:40 UTC 
Hi,

We no longer support Fedora Core 5 and I am currently trying to get my open bug
count down to a more manageable state.  I'm going to close this bug as WONTFIX.
 If this issue is still a concern for you, would you mind trying to reproduce on
a supported version of Fedora and reopening?

(this is a mass message)
Comment 2 Chad 2008-03-18 19:15:43 UTC 
Hi Ray,

Thanks for the update.  I do know Fedora Core 6 still behaves the same way 
because that is the version I am currently running.  If FC 6 is not supported I 
am sorry I can't comment as I am not very likely to upgrade in the near future.

Thanks,
Chad

PS: I used Ubuntu 7.10 recently and was surprised that it behaves as I 
described in the "expected results" above.
Comment 3 Ray Strode [halfline] 2008-03-18 19:31:22 UTC 
Hi Chad,

You should be able to configure this already by editing the policy files in
/etc/security/console.apps

USER=<user> means ask for user's password and USER=root means ask for root's
password.
Comment 4 Chad 2008-03-19 18:38:54 UTC 
Hi Ray,

I didn't realized the username could be configured.  I should look for docs on /
etc/security/ .

It is a bit different than what I was thinking of.  I prefer to not have one 
password that we have to change and have everyone learn each time someone moves 
to a different job.
Comment 5 Ray Strode [halfline] 2008-03-19 19:02:16 UTC 
Hi I don't think I was being clear :-)

When I said 

USER=<user>

i didn't mean e.g. USER=chad , but the actual, literal, magic string

USER=<user>

It means, for the chad user, enter chad's password, for the rstrode user, enter
rstrode's password, etc.