Description of problem: Whenever you need to use Isodumper to work with a USB, it currently needs to be run under the root user. As it is not affecting any system files (that I am aware of) is it possible to run Isodumper by requesting the user password, like the Mageia Updater. This will make it more user friendly. Do you really need to be root to format a USB stick? What if the Administrator (person) is un-available to the user (due to distance or communication) when the user requires to format a USB. Do you really need to be root to burn an .iso to the USB? Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3.
Well, Isodumper doesn't only show USB sticks, but also any large USB disks that are attached. It does show my 2TB external disk as possible device to work on. Anyway, assigning to papoteur :-)
CC: (none) => mageiatools, marja11Source RPM: (none) => isodumperAssignee: bugsquad => yves.brungard_mageia
(In reply to Marja Van Waes from comment #1) > Well, Isodumper doesn't only show USB sticks, but also any large USB disks > that are attached. It does show my 2TB external disk as possible device to > work on. > That's why I think only the root user should be able to use isodumper. In an ideal world, authentication level would be configurable as it is for other Mageia tools: http://doc.mageia.org/mcc/6/en/content/draksec.html
CC: (none) => jim
Hello, This not very difficult for to adapt the authentication level. What I can't do is to adapt draksec to include isodumper and manage the authentication level.
Maybe enable user auth, and add some user guidance, like if target drive is larger than 70 GB ask user to think again if that really is the correct target. ( Also, dont alow writing to mounted drives., drives in fstab, etc - i dont know how it do the selection today but maybe it can be extended )
CC: (none) => fri
Advice from Luigi you'd probably have to use polkit to allow "user password" it should probably be configurable in draksec which password it asks for, so sysadmins can lock it down more if they want to
The bug https://bugs.mageia.org/show_bug.cgi?id=15124 is something which retains from moving to draksec. The authentication dialog from KDE doesn't say which password is asked for.
Somehow user authentication for mga-update got solved there :)
fixed
Resolution: (none) => FIXEDStatus: NEW => RESOLVED
Hello Ben, No, this is not yet implemented. The password asked is always the root one. Reopening.
Status: RESOLVED => REOPENEDResolution: FIXED => (none)
(In reply to papoteur from comment #9) > Hello Ben, > No, this is not yet implemented. The password asked is always the root one. > Reopening. It is also user's password if that user is member of wheel group, as sudo user.
CC: (none) => ouaurelien
Ah yes being wheel (which I forgot I was in comment 7) is good solution to o lot of things. https://wiki.mageia.org/en/Configuring_sudo#Step_3:_Add_users_to_the_wheel_group_to_allow_them_to_have_root_privilege Should we decide to let it be and close as wontfix?
This seem to work in isodumper 1.48, Mageia 9 I logged in as another user which is not wheel nor configured for sudo. When isodumper asked i could select that current user and give his password, and it worked. There was a dropdown in which i could also select another user (my other self, which is wheel. root was not selctable, and is not needed.
Resolution: (none) => FIXEDStatus: REOPENED => RESOLVED