Description of problem: $ nmap --script ssl-enum-ciphers -p 443 blah.example.com bash: nmap: command not found... Install package 'nmap' to provide command 'nmap'? [N/y] y * Waiting in queue... * Waiting in queue... * Waiting for authentication... * Waiting in queue... * Downloading packages... * Requesting data... * Testing changes... * Installing packages... Starting Nmap 6.47 ( http://nmap.org ) at 2014-10-15 12:34 CEST Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: nmap is installed without: i) me being root ii) asking for authentication Expected results: Additional info:
James, does this happen if you start up Fedora and immediately try the commands? (Just checking, since Yum remembers if you've entered the root password during the current Terminal session, and won't ask until the session is closed.) Are there other packages that can seemingly trick the installer? If so, could you create a user with no Admin privileges and see whether that account is capable? Lastly, is there anything notable in your recent update/install history (besides nmap)? Thanks.
It happens if I open a new gnome-terminal and run any command that does not exist yet. Try it with anything: nethogs, for example. non-wheel: haven't tried yet (this still needs to be fixed for wheel though) recent packages: tons! it's an alpha release, there are tons of updates!
As non-wheel I am prompted for authentication. As wheel I am not prompted for authentication, even on a fresh boot (!)
How can I propose this as a Blocker?
This is a PackageKit thing http://fedoraproject.org/wiki/Features/PackageKitCommandNotFound I think this is supposed to work this way, if you are a administrator (= member of wheel group) you dont get asked for password
But then we should be consistent with sudo and not require a password there either.
(In reply to James Patterson from comment #6) > But then we should be consistent with sudo and not require a password there > either. There is a difference from installing packages without password if you are in the wheel group and sudo without password there can perform all root related actions Added Richard to CC, He can tell if that is supposed to work this way as I expect.
Whereas yum install XYZ requires authentication...
This is by design. If you're in the wheel group, you can do much more malicious things than install signed packages from signed repos. "sudo" provides unrestricted access to any action, and yum is a low-level packaging tool that allows you to do much more than just install packages.
Then it's a poor design: it's inconsistent. I will open a new bug for the inconsistency.
Bug 1177935 opened.