Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Test/fix Linux permissions for installing #250

Open
Deadpikle opened this issue Nov 14, 2021 · 1 comment
Open

Test/fix Linux permissions for installing #250

Deadpikle opened this issue Nov 14, 2021 · 1 comment
Labels
bug help wanted

Comments

@Deadpikle
Copy link
Collaborator

Deadpikle commented Nov 14, 2021
edited
Loading

NetSparkle/src/NetSparkle/SparkleUpdater.cs

Line 1257 in 957d131

return "sudo dpkg -i \"" + downloadFilePath + "\"";

How does sudo work here? Do we even need sudo? Does Linux pop open a thing asking for the password? (I doubt it.) Do we need to pop open a terminal and run things in there (aka make the process not silent so that they can be prompted for their password)? I'm not as familiar with how Linux works, plus there are so many distributions...

Links:
@daniel-pastalab
Copy link
Contributor

daniel-pastalab commented Nov 29, 2021
edited
Loading

There is a way to install linux packages without root by installing it with --force-not-root (https://askubuntu.com/questions/339/how-can-i-install-a-package-without-root-access).
But there may be a lot of problems with dependencies (https://stackoverflow.com/questions/18858412/errors-installing-a-deb-without-sudo-root).
Unfortunately a lot of distributions are not automatically popping up a graphical password prompt (or even have one).

If gksu is installed (which gksu) the command can be simply run with gksu:

gksu echo hello world

If gksu is not available i think the safest way is to open a separate terminal window with the sudo command (i've seen this method in the wild).
The terminal will then ask the user for the password. The problem with this is you have to find out which terminal emulator is used.
For that it is advised to go through a list of known terminal emulators (https://superuser.com/questions/1153988/find-the-default-terminal-emulator).

With the known terminal emulator (here urxvt) and the $SHELL variable (already used in SparkleUpdater.cs) you can open a new terminal window:

urxvt -e $SHELL -c "sudo echo hello world"

The much more unsafe method is to ask for the password from the SparkleUpdater and pass it as a parameter to the sudo command (https://superuser.com/questions/67765/sudo-with-password-in-one-command-line). But i think its very unwise to hold it in the application memory.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Deadpikle @daniel-pastalab