On 07/06/13 02:33, Todd And Margo Chester wrote: >> >> There is a long standing security reason non root users can't update >> software which affect all users on the system. Remember over all *ux >> design is based on a multi user model where only people granted root >> access by password access or even better sudo access can affect all >> users. This is a good thing, it was done in response to computer viruses >> in the 70s. > > yes. I agree. If you look over at the bug report, the request > is to prompt the user for the "root" password. Sort of like > Mac OS does when they are install new packages. If the user does not > know the root password, too bad. At least it will not try to > install and then crash. There are several packages out there > that already do this (ls /usr/bin | grep -i config) > This is quite simple policy-kit changes. The network configuration changes is handled by this policy: <file:///usr/share/polkit-1/actions/org.freedesktop.network-manager-settings.system.policy> If there's a specific binary which is called (other than /usr/bin/firefox) to do these updates, it would be fairly simple to add this feature. You would basically need a <action/> policy including a line similar to this one: <annotate key="org.freedesktop.policykit.exec.path">/path/to/binary</annotate> And then the updater need to be started via /usr/bin/pkexec ... and it would Just Work. See the polkit(8) man page for more info. -- kind regards, David Sommerseth