Nautilus should have a superuser mode

I'm not sure than an user need to use nautilus as root (a wrong drag&drop and
you move /etc, or /bin, or /lib ...). Jeff what do you think ? Is that a WONTFIX ?

They shouldn't be using nautilus as root, no; but at some stage, nautilus will
need to handle privilege escalation to do some of these tasks. How it does that
is a matter of great controversy though. :-) This is very much a bluesky
wishlist bug for the moment, though.

An upstream bug about this:
http://bugzilla.gnome.org/show_bug.cgi?id=65058

confirmed upstream. Might be closed as WONTFIX here..

i made a spec https://launchpad.net/distros/ubuntu/+spec/privileged-nautilus

A simple 'superuser mode' to edit files would be an action in
nautilus-actions that says sudo gnome-open %u (Dunno if %u is correct,
but you get the idea)

Isn't it Ubuntu is aiming for the new linux users, and less for the novice
admins? IMO, a deb package 'admin-suite' must be created, it includes
pessulus, sabayon and all the other admin task. But, I think superuser mode
nautilus must not exists at all.

On 6/11/06, Dennis Kaarsemaker <email address hidden> wrote:
>
> A simple 'superuser mode' to edit files would be an action in
> nautilus-actions that says sudo gnome-open %u (Dunno if %u is correct,
> but you get the idea)
>
> --
> Nautilus should have a superuser mode
> https://launchpad.net/bugs/12154
>

--
gawk; grep; unzip; touch; strip; init, uncompress, gasp; finger; find,
route, whereis, which, mount; fsck; nice, more; yes; gasp; warnquota,
umount; head, halt, renice, restore, touch, whereis, which, route, mount,
more, yes, gasp, umount, expand, ping, bashbug, dump, make clean; sleep

@Dennis:

Take a look at the desktop guide:

http://help.ubuntu.com/6.06/ubuntu/desktopguide/C/desktop-tips.html

"Open files with administrative privileges from the file manager"

adding contextual menu item seems like a work around. the item should not show up on all files. if this is done at a deeper level it could be done better. for example you don't need to be super user to open a system config file, so you should only be asked for them when you try to save it.

also this is not just for system admin tasks. a parent might need to look through a childs home folder for example.

I think this is a great idea. Actually until I was linked here I thought it was my idea. Think about it... If you are editing, deleting, or executing a file that is owned by root and you do not have proper permission for your action then you have two options:

#1: gksudo nautilus (nautilus with root permissions).
#2: Use command the command line.

Both are far from an ideal situation. With #1 you have the same kind of security risk as logging in as root. With #2 you have to know the command line pretty well, hardly ideal for newbie linux users. Even if you do know the command line, opening up a terminal and typing in commands is a bit tedious and time-consuming.

A prompt like the one described in the original post would make Ubuntu more user-friendly to new linux users and save time regardless of who you are. All you have to do is type in your password and your desired action gets completed. It's simple and straightforward which is exactly what I like. :)

Here's the post I made before I knew this bug had been submitted:

http://www.ubuntuforums.org/showthread.php?p=1544222#

What's about displaying a horizontal bar like that one on the Trash when you navigate to a folder where you don't have permissions to create new files, with a button that would allow you to switch it into "root mode" on that window (introducing the password into a prompt if it wasn't used recently, of course) until you visit a folder owned by you?

Siefried, that's a nice idea!! I liked it.

Siegfried, that's a nice idea!! I liked it.

Agreed, will it be implemented? That is question!

This would be rather obtrusive IMHO to display this in all non-writable folders.

Another idea is, when the user tries to write to protected folders, it says something like :

"This(these) is(are) system folder(s or files), and it(they) has(have) been protected to ensure that your computer will operate safely. Do you wish to write to this folder anyways ? "

[Cancel]
[Yes (field for administration password)]

Another option would be "do you wish to temporarily disable this protection ? " - so the user can execute several operations on protected folders.

Agreed.

Nautilus should have a supermode that doesn't require you to go to terminal and type in gksudo nautilus. When doing something that requires permission, it should just ask you for password and allow you to continue.

Using Nautilus in superuser mode is used too often - even by newbies - to not do this. How many postings have you seen in the forum where someone doesn't know how to use Nautilus in superuser mode? Too many...

This is a simple change/fix/upgrade and no-brainer...

Not crazy about 'Wladston's' text for the box...

Should be more like:

"Enter Your Password to Perform Administrative Task(s)"

Copied straight from another program that requires password.

Dirk,

As long as the feature get's implemented, it's alright.

But I think that it's nice to at least say a simple phrase about what is going on and why the hell that password box showed up.... most newbies won't know why they have to type in a password, and might even think it's a virus or something ....

Ideas on a GUI would be nice. A "deleted items" type banner would be ridiculous.

This problem floated up again in the Hardy Heron Expectations thread (http://ubuntuforums.org/showthread.php?t=579394&page=45)

-Something- definitely needs to be done, as the current state is just a pain in the behind without the use of third-party nautilus scripts.

I don't see why this would need to be done in nautilus, per se. Why not let me open the file as read only, then when it asks me if i want to save (in gedit, vim, etc), say "to save this file, you need root privileges" or something, and give the standard password prompt (with grey screen) that the update manager, etc does? Seems far more sensible to me.

Sarah,

What about when you are working with file operations on protected files ? Nautilus doesn't ask the password. That is what this bug is about.

Something along the lines of nautilus's gio branch would be interesting. The work on this branch means you can open a file from a GVFS recognised place in any program and save the file even though that program doesn't use GVFS.

looks like it is being worked on

http://blogs.gnome.org/alexl/2007/11/23/file-operations-in-nautilus-gio-and-adventures-in-the-land-of-policykit/

Open a terminal window
cd /home/user/.Trash
sudo rm -r *.*
The super user passwd is required
The end!
Bye

Isn't there a package which installs advanced nautilus scripts (I did it through Automatix). Once installed, you can right click within the nautilus window and there is an option "Scripts > root-nautilus-here". Then you can do some of the tasks which require you to be a sudo or a root user. I have used it to create folders in /usr/local folder for some programs installations.

"gksu nautilus"

but, i still agree that, if you try to mess with a file that u dont have priveleges 4, it should say something like, "This action requires root athority" or something like that, and then maybe a "details" thingy that says what kind of file operation it is (i.e. move /blah/thingy.foo to /usr/blah)

Slightly off topic
KDE has a hidden root konqueror (file manager) and a root terminal also hidden

Another use case:
- you bought a new harddrive/usbstick
- you created partitions and formated them with ext*
- you fire up nautlius to start using them and sure enough, they appear in the places bar.
- you click to mount them

- now you try to copy files to them

BUT

they are owned by root and you have to go to the shell to change permissions.

a newbie and userfriendly way would be to show a sudo dialog when changing permissions on files/folders you don't own.

I have personally heard people complain about this. Running nautilus in super user mode is bad, but whenever a user wants to perform a forbidden operation he should have the option of typing the root password (after seeing a proper warning).

Same thing is discussed here: #389422
Is it a duplicate?

... to get the link working: bug #389422

Dudes, open synaptic and search for nautilus gksu. The first package on the list named, low and behold, "nautilus-gksu" gives you a context menu entry "Open as administrator" on any folder you may desire root access to.

psylem: that may be so. BUT This bug was filed because it's an usability issue. That doesn't go away with nautilus-gksu. You can't expect the user to know of the package. It's not installed by default. Let's say you'd have to install a package to copy a file. Not a good workflow.

Now if it were installed by default...That'd be much better, but still not optimal to me.

There's a brainstorm idea about this:

http://brainstorm.ubuntu.com/idea/21666/

PLEASE fix this issue: I think it's a big annoyance for new users.

You can add "sudo aptitude install nautilus-gksu" in a terminal and you get an open as administrator on a right click on any folder or file in nautilus now.

That's very nice, but it's not something my aunt will be able to do.

On Tue, 8 Dec 2009, robin0800 wrote:

> You can add "sudo aptitude install nautilus-gksu" in a terminal and you
> get an open as administrator on a right click on any folder or file in
> nautilus now.
>
> --
> Nautilus should have a superuser mode
> https://bugs.launchpad.net/bugs/12154
> You received this bug notification because you are a direct subscriber
> of a duplicate bug.
>

Even if Canonical integrates it in Ubuntu default apps?

On Wed, Dec 9, 2009 at 02:33, njh <email address hidden> wrote:

> That's very nice, but it's not something my aunt will be able to do.
>
> On Tue, 8 Dec 2009, robin0800 wrote:
>
> > You can add "sudo aptitude install nautilus-gksu" in a terminal and you
> > get an open as administrator on a right click on any folder or file in
> > nautilus now.
> >
> > --
> > Nautilus should have a superuser mode
> > https://bugs.launchpad.net/bugs/12154
> > You received this bug notification because you are a direct subscriber
> > of a duplicate bug.
> >
>
> --
> Nautilus should have a superuser mode
> https://bugs.launchpad.net/bugs/12154
> You received this bug notification because you are a direct subscriber
> of the bug.
>
> Status in Nautilus: Confirmed
> Status in “nautilus” package in Ubuntu: Triaged
>
> Bug description:
> For the following moves:
> 1. can't change permissions of a different user or root. WHy not
> implement sudo prompt* here, instead of just "Access denied"?
>
> 2. can't move files into directories with root control on them, eg.,
> moving azureus from ~ (/home/user) to /opt or /usr/share. Again, a
> sudo prompt* should occur here. Moving files with the terminal is
> annoying.
>
> I think I read Red Hat is working on elminating the terminal recently
> as well...
>
> *sudo prompt because it's useful for us who use hte option "nopasswd"
> in /etc/sudoers :)
>
> http://bugzilla.gnome.org/show_bug.cgi?id=65058:
> http://bugzilla.gnome.org/show_bug.cgi?id=65058
>
> To unsubscribe from this bug, go to:
> https://bugs.launchpad.net/nautilus/+bug/12154/+subscribe
>

What do you think of an ‘Unlock button’ like the one of the time-admin app ?

The user open the permissions dialog. There is already a message “You are not the owner, so you cannot change these permissions.”. An ‘Unlock’ button give him the ability to bypass its user privileges to perform permissions change as root.

I have made a mockup of what I think.

I personally prefer the popup menu, but I see no reason not to have both
methods. The button is certainly sensible for single file cases.

Gosh, it's been five years and still hasn'[t been fixed. I suggest the same way Finder has done it: prompt for password when trying to do something requiring root.

I can't believe this hasn't been implemented yet. Are we trying to keep Linux as an Operating System for 'geeks' only?!

Changing permissions isn't exactly the most basic of Linux commands; and going to the command prompt might be the first idea that comes to many Linux users minds, but how about those new to Linux who don't know all these commands.

PomCompot I very much dig your mockup there, and it's pretty much as I had imagined the solution prior to seeing this lanchpad entry. It is also in keeping with current design of root user access for GUI applications.

Hey guys,

This bug is linked to other "upstream" bug reports, which means Ubuntu has (rightly) passed this onto the developers of Nautilus. Once it's implemented upstream, Ubuntu will include it in a new release, and other distributions will get this new feature in their new releases as well.

It's taking so long because (I'm guessing based on comments in the upstream bug report) this feature request is a bit bigger than you guys might immediately realize, and it's also not a very important fire to put out. Nevertheless, there's been very little to say against the feature, which is a good sign, so I would expect to see this in GNOME some time in the future, even if not immediately.

I suggest you CC yourselves to the upstream bug reports if you want to get more updates.

Thanks for the update Jacob, sounds like something might happen at some point. ;-)

The issue seems complex, but I'm going to promote this to the One Hundred Papercuts project to try refocus the problem, since its a valid usability issue, and a very old one.

To those Linux developers every issue seems complex and Ubuntu (and Linux in general) is full of usability issues which exist for as long as Linux exists.

I just stopped using this crap. Everyone should do that. Stop using Linux on the desktop and stop the development, because Linux on the desktop sucks.

there are many possible ways to fix this, some obviously easier than others. I'm going to target this for a paper cut milestone for the time being so we can keep track of it, and forward it to the upstream Nautilus devs later and see what they think.

I think a simple solution would be to add an option to the context menu that says "<Action to perform> as administrator", or some variation on a theme. This would perform the action in the relevant application with root privileges without having to elevate those of Nautilus.

This one has always irritated the heck out of me, because I often don't know in advance of starting Nautilus that I'm going to want to change something in a root-owned file. But I've been resigned to it because I imagined there was some insuperable difficulty in implementing it. And when my students hit this problem I get a little defensive and tell them it's not the developers' fault, it's due to the restrictions in Linux that prevent processes gaining root, which would create a security risk.

I've recently switched to Crunchbang. Imagine my surprise when I found the file manager there can do what I want! The file manager is Thunar. So I googled for 'thunar privilege escalation' and found an interesting article: http://www.psychocats.net/ubuntucat/file-browser-privilege-escalation-done-right/

More than 9 years since this serious usability bug was filed. Almost 7 years since that psychocats article.

The wonderful thing about open source development is the speed of progress, the way that problems are fixed quickly and systems are updated. Really?

This is a very difficult issue because it amounts to a fairly major feature change underneath. Every access has to be wrapped by a permissions check, followed by an authentication. Someone tried to patch this into the file manager a while back, but the patch never got approved.

The real bug is the GNOME bug. That's where most of the work happens, and that's where this bug has been prioritized out of scope for years.

In other words, yes, it's kind of sad this feature isn't in yet, but this isn't the right place to comment. See the GNOME link at the top. Just keep in mind these forums are made up of volunteers.

This feature would be very nice.
But Ubuntu should at least offer an option in the file manager(s) to "open as root" like some other distros (plus a warning somewhere in the window that it's dangerous, like Thunar and Mousepad do when running as root).

Right now, accessing/editing system files requires using sudo in terminal (gksudo was removed so it's not an option) or adding custom actions/scripts to the file manager (and nautilus-gksu was also removed), which is not very user friendly.

For those interested, I created a simple Nautilus extension that adds "Open as Administrator" and "Edit as Administrator" entries to the context menu.

It's in the official Ubuntu and Debian repositories.
Just enable the "backports" repository and install the "nautilus-admin" package.

Of course, this doesn't fix this bug! Nautilus really should ask for the admin password when necessary, but I don't think this will ever be implemented.