Arch Linux

etiennebatise

Member

Registered: 2015-09-07

Posts: 4

wifi-menu without sudo

Hi,

First of all, everything works fine on my system. I'm just unfamiliar with groups and I've been wondering for a while how to avoid using sudo each time I want to use the wifi-menu program with a standard user (so not root). I'm just looking for a short explaination and solution (if possible) about this.

I've not seen any topic in the newbie corner like this one so here it is.

ewaller

Administrator

From: Pasadena, CA

Registered: 2009-07-13

Posts: 19,797

Re: wifi-menu without sudo

The program has to run as root.  The question is how to achieve the privilege escalation.   

Is the problem with sudo that you not want everyone to be a member of wheel?

Suppose they could not be a member of wheel, but could run wifi  menu as sudo wifi-menu and then not have to enter a password, and the only program they could run with sudo would be wifi-menu.   In the mean time, members of wheel could continue to run any program with sudo.  Would that suffice?

---

Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way

frank604

Member

From: BC, Canada

Registered: 2011-04-20

Posts: 1,212

Re: wifi-menu without sudo

I'll just leave this here.

etiennebatise

Member

Registered: 2015-09-07

Posts: 4

Re: wifi-menu without sudo

Suppose they could not be a member of wheel, but could run wifi  menu as sudo wifi-menu and then not have to enter a password, and the only program they could run with sudo would be wifi-menu.   In the mean time, members of wheel could continue to run any program with sudo.  Would that suffice?

That's a start ! On my machine I only have two users : root and me (etienne) which I added at system-install time to wheel. So if I understand this well : this only enable etienne to use 'sudo wifi-menu' whereas if etienne wasn't in wheel, only root could use this command so I'd have to run 'su' and then 'wifi-menu'. Am I wrong ?

ewaller

Administrator

From: Pasadena, CA

Registered: 2009-07-13

Posts: 19,797

Re: wifi-menu without sudo

Close.    Read man sudoers
Using visudo, create a rule like this:

ALL ALL=(ALL) NOPASSWD: /usr/bin/wifi-menu

This should (I did not test it) allow anyone on your system to run sudo wifi-menu without having to enter a password.
If you leave out NOPASSWD, then anyone can run sudo wifi-menu, but they will be challanged for their password for their account before receiving privilege escalation.   Regardless, the escalation for this rule will only be granted for wifi-menu

Edit:  Now that I reread your post, you got it exactly.  I may have overcomplicated things.  If you only want your single non-root user to be able to use wifi-menu (or any other program) using sudo, add then to the wheel group and uncomment the
%wheel ALL=(ALL) ALL
line.

Last edited by ewaller (2015-09-08 17:01:21)

---

Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way

Slithery

Administrator

From: Norfolk, UK

Registered: 2013-12-01

Posts: 5,776

Re: wifi-menu without sudo

Just thought I'd add, make sure you put the new rule ewaller mentions at the bottom of your sudoers file. The order matters.

---

No, it didn't "fix" anything. It just shifted the brokeness one space to the right. - jasonwryan
Closing -- for deletion; Banning -- for muppetry. - jasonwryan

aur - dotfiles

etiennebatise

Member

Registered: 2015-09-07

Posts: 4

Re: wifi-menu without sudo

Yes I need to read more the manual about sudoers. It is just not easy (to me at least) to understand everything without testing. And I don't want to make bad things on my system. But this begins to clear things !

Thank you.