Popular Posts

Run programs and actions without entering password

9:28 AM 7 Comments A+ a-

Here we will explain how to run your common desktop programs and actions without entering password. There are several ways to do that.
After hours of searching simple solution I found it in Synaptic Package Manager, it is so simple taht simpler cannot be :). Just open Synaptic Package Manger , type policykit-desktop-privileges in search field, and when it appears select to install, then Apply... that is all!
You can also install it by command line: sudo apt-get install policykit-desktop-privileges
Also you can download it from this link.

This package provides a set of PolicyKit privileges which allow Administrators to run common actions without being asked for their password.
Those actions are:
  • mounting and checking internal disk drives (through udisks)
  • setting the time and timezone (through the GNOME clock applet or through KDE)
  • Ading and changing system-wide NetworkManager connections including ethernet, vpn, dsl, wirelles...
  • setting the CPU speed and policy (through the GNOME CPU frequency applet)
  • Update already installed software (Not install, everyone must enter password on install, very good for companies and organizations)
  • Configure printers
 All this applies only for Administrators (Users who are in "sudo" or "admin" groups).

























If you need more control you can edit policykit by yourself, or you can edit sudoers.

How to  edit sudoers configuration


Editing sudoers will help you to configure which programs (not actions) you can open with/without password.
I will explain you simplest way to edit sudoers, you can read details on  link1 , link2 and link3.

Fisrt select editor in command line: sudo select-editor
I recommend to choose nano editor because it os simplest.

Then lunch editor, you MUST use this command because it will take care that you don't make mistake and avoid system crash.Run command: sudo visudo

In the editor, if you want for example to access k3b and amarok without entering password add this lines:
%admin ALL=NOPASSWD:/usr/bin/k3b
%admin ALL=NOPASSWD:/usr/bin/amarok

'%' sign means that it applies on group named admin, if you want to apply on user delete sign '%'
username ALL=NOPASSWD:/usr/bin/amarok

If you want to have access to all programs without password add this line:
 %admin ALL = NOPASSWD: ALL

Save it , and that's it.

How to  edit policykit configuration


Editing policykit will help you to determine which action  you can open with/without password.
I will explain you simplest way to edit sudoers, you can read details on link1 and  link2.


You can change the settings by manually editing the configuration files in the /usr/share/polkit-1/actions directory, but this is risky. To make changes you first have to know the action to change and the permission to set. The man page for polkit will list possible authorizations. The default authorizations can be allow_any for anyone, allow_inactive for a console, and allow_active for an active console only (user logged in). These authorizations can be set to specific values, which are listed here.
auth_admin : Administrative user only, authorization required always
auth_admin_keep
 : Administrative user only, authorization kept for brief period.
auth_self
 : User authorization required
auth_self_keep
 : User authorization required, authorization kept for brief period.
yes 
: Always allow access
no
 : Never allow access
On this window, action name is com.ubuntu.pkexec.synaptic
You will need to know the PolicyKit action to modify and the file to edit. The action is listed in the PolicyKit dialog that prompts you to enter the password (expand the Details arrow) when you try to use an application. The File will be the first segments of the action with the suffix policy attached. For example, the action for mounting internal drives is:
org.freedesktop.udisks.filesystem-mount-system-internal
Its file is: org.freedesktop.udisks.policy
The file is located in the /usr/share/polkit-1/actions folder. Its full path  is:
/usr/share/polkit-1/actions/org.freedesktop.udisks.policy
Users with administrative access, like your primary user, can mount internal partitions on your hard drives automatically. However, users without administrative access require authorization using an administrative password before they can mount a partition. Should you want to allow non-administrative users to mount partitions without an authorization request, the org.freedesktop.udisks.policy file in the /usr/share/polkit-1 directory has to be modified to change the allow_active default for filesystem-mount-system-internal action from auth_admin_keep to yes. The auth_admin_keep option requires administrative authorization.
Enter the following to edit the org.freedesktop.udisks.policy file in the /usr/share/polkit-1/actionsdirectory:
sudo gedit /usr/share/polkit-1/actions/org.freedesktop.udisks.policy
Locate the action id labeled as:
<action id =”org.feedesktop.udisks.filesystem-mount-system-internal”>
<description>Mount a system-internal device</description>
This is usually the second action id. At the end of that action section, you will find the following entry. It will be located within a defaults subsection, <defaults>.
<allow_active>auth_admin_keep</allow_active>
Replace auth_admin_keep with yes.
<allow_active>yes</allow_active>
Save the file. Non-administrative users will no longer have to enter a password to mount disks.

7 komentari

Write komentari
Anonymous
AUTHOR
February 17, 2014 at 9:44 PM delete This comment has been removed by a blog administrator.
avatar
willsion
AUTHOR
September 20, 2019 at 2:14 PM delete

Dial Canon Printer Support Number for Canon Printer Technical Support Services to Install and setup Canon wireless printer. Repair Canon Printer by Canon Printer Tech Support. Fix Canon Printer Errors code and messages.
canon printer offline to online

Reply
avatar
September 24, 2019 at 3:08 PM delete

Amazing blog, thanks for sharing great information.
If you are searching for the best printing quality as well as the high printing speed, then you should go for the Canon printers. You have the option to choose various printer models from the variety of printers offered by the Canon printers. The Canon company also offers the best technical support regarding the issues and queries related to the Canon printers with the help of

Reply
avatar
jerrysingh
AUTHOR
October 10, 2019 at 2:03 PM delete

We are independent third party Epson printer tech support provider in the USA. We have a team of certified experts for solving out the printer issues. We provide users the best possible solution in less time we also solve error via remote access. Dial Epson Printer support number +1-844-266-0040 ask your query.
install epson printer

Reply
avatar
alona
AUTHOR
October 25, 2019 at 1:31 PM delete

Epson Tech Support Team here to the printer not enacted blunder code 30 Contact us by Dialing Epson Customer Support Number 1-888-633-7151 Our master gives you best online help. You can profit 24*7 Support at your doorstep By our Experts.
printer not activated error code 30

Reply
avatar
August 26, 2020 at 10:20 AM delete

Thanks for sharing this wonderful blog.

As we realize that YouTube is the best stage that offers a wide assortment of shows. You can find parcels something on YouTube extending from activity and diversion to family charming instructional substance material. You will be essentially signing in to your account visit Activate YouTube and enter a digit code which you have. Viewing a YouTube show for your huge TV show genuinely makes the appreciate tons better when in contrast with a PC or PC show.

Reply
avatar
rakelwacaster
AUTHOR
March 4, 2022 at 4:56 AM delete

The 5 Best Casino Locations | Mapyro
See 19 real casino reviews, 101 photos and 409 논산 출장샵 tips from 1,600 visitors to Casino Wylde. "I think you're getting 논산 출장샵 the best 천안 출장샵 hotel from 경주 출장안마 anywhere. This is 대전광역 출장마사지

Reply
avatar