0

I have an unusual request. I need to put a password on an app but I need the app to run at the user level (not Sudo or SU). Is there an easy way to do this?

Rinzwind
  • 293,910
  • 41
  • 570
  • 710
Kyle Thompson
  • 23
  • 4
  • You could write a shell script which requests a password before executing the file, but obviously that is like a joke if you are looking for real password protection, as anyone could open the script and retrieve the password from it... – Eduardo López Jan 26 '16 at 19:29
  • What kind of app is that? – Eduardo López Jan 26 '16 at 19:31
  • It is a system that will be permanently installed and will only be running 1 program so I have disabled certain menu items. I believe the program is called "alacarte" It is just so someone can't go in after the fact and make these items accessible again without a password. I am not looking for security as 1 maybe 2 people will ever use the system – Kyle Thompson Jan 26 '16 at 20:08
  • Possible duplicate of [How to make it so that a file can only be executed by root, but not as root?](http://askubuntu.com/questions/665647/how-to-make-it-so-that-a-file-can-only-be-executed-by-root-but-not-as-root) –  Jan 26 '16 at 20:54

2 Answers2

0

You could do that with a simple bash script and Zenity. As stated, this shouldn't be used unless you don't care about security.

#!/bin/sh

#Create the Zenity Window and show it
OUTPUT=$(zenity --password "Password")

#Compare the user input with your hardcoded password
if [ "$OUTPUT" = "abc1234" ]
then
    #Command to launch the application from the CLI. Replace with your own command
    /usr/bin/nautilus
else
    #Throw an error
    zenity --error --text "Password incorrect. Terminating"
fi

Save this to a .sh file, give it +x permissions and you are ready to go, just replace the command accordingly.

muru
  • 193,181
  • 53
  • 473
  • 722
Eduardo López
  • 1,014
  • 8
  • 11
  • It doesnt work for me, I keep getting an error "This option is not available. Please see --help for all possible usages." The error is referring to the `--password` operator for `Zenity` – Kyle Thompson Jan 27 '16 at 15:33
  • Hmm? Strange... what happens if you input 'zenity --password "Password"' in a Terminal Window? – Eduardo López Jan 27 '16 at 16:56
  • Same Error `This option is not available. Please see --help for all possible usages` And `--password` is not listed under the help menu for `zenity` either – Kyle Thompson Jan 27 '16 at 17:24
0

I figured it out, I got it to ask for the password of a user I created called "admin" which is the system administrator. I have set the "user" account to be only a desktop user and not an administrator.

1) I changed the menu entry to say gksu -w -u admin /home/admin/bin/menu.sh (Where I put the script)

2) In the menu.sh script gksu -u user /usr/bin/alacarte

3) When executed, it asks for admin's password and then from there it runs the program as user under the higher admin user.

Normally this would not be a problem, but when alacarte (Menu Editor) is run as admin or root. It edits the menu of admin or root and not the current user which is a little pointless

This sounds really convoluted for a minor problem, and I am sure there is a simpler way to do this. I am relatively new to this sort of thing. Let me know if there is an easier way to do this.

Thanks,

Kyle T.

Kyle Thompson
  • 23
  • 4