Support for sudo in Gnome gnomesu


SuSE products with the gnome desktop use gnomesu to grant permissions to root required applications. Because gnomesu always asks for a password regardless of your sudo settings (sudo was dropped from gnomesu and will likely never return), desktop users can not easily get around it. There is the eternal debate of security and what is right, lazy, wrong, etc. I am not here to debate those issues. If you want a sudo privs to work under gnome this is my suggestion.

The Problem

There are two components to the problem. One is the default settings in the sudoers file that are added for security reasons (and possibly failure prevention). These options are:

Defaults always_set_home
Defaults env_reset

The second component is the decision from SuSE to use gnomesu as their backend for triggering root access to applications. Gnomesu does not read the sudoers file and will always ask for a password.

The Solution

Two steps. The first step is to comment out the mentioned options in the sudoers file. As root run visudo and comment out the two options to look as follows.

# Defaults always_set_home
# Defaults env_reset

The next step is to create a bash script to trick gnomesu.

# mv /opt/gnome/bin/gnomesu /opt/gnome/bin/gnomesu.orig

Now create a custom script to replace gnomesu. Make sure you it as: /opt/gnome/bin/gnomesu

Here is the contents of the script you will create.

sudo /opt/gnome/bin/gnomesu.orig $@

Make sure that you chmod the file:

# chmod 755 /opt/gnome/bin/gnomesu

That's it! Now anything that use to use gnomesu for authentication will now use the settings in your sudoers file.