Desktop Entry Spec : RootRequired entry

Manu Cornet Manu.Cornet at GMail.com
Mon Aug 29 03:34:15 EEST 2005 


Hello !

We had this subject discussed a few weeks ago, but as it gets more 
precise, here's a short rationale and a patch (attached) for the 
desktop-entry-spec.

##############################   Purpose   #############################

The purpose is to hide, in the menus, programs that require elevated 
privileges from non admin users, therefore reducing application clutter. 
  A side effect would be to allow some distribution maintainers not to 
manually prepend, for example, "gksudo" to the "Exec" value for these 
entries.

###########################   Specification   ##########################

The new key is RootRequired=yes|no|optional. It basically specifies 
whether the program needs elevated privileges ; if "optional", the 
program needs the privileges to fulfill all of its capabilities, but can 
still be run and provide useful information if it hasn't.

###############   Possible implementation and rationale   ##############

Now, apart from the spec, here's the most probable interpretation of 
this. A boolean environment variable (USER_IS_ADMIN) could be set, each 
distribution using its preferred way (for example, Ubuntu has an "admin" 
group) to set it. Then the values of RootRequired would be used as follows :

* "yes" : if USER_IS_ADMIN == 1, display the entry in the menus and use 
elevated privileges (eg prepend "gksudo" to the Exec value). Otherwise, 
hide the entry from the menus.

* "no" : do nothing (do not hide the entry, do not modify the Exec value).

* "optional" : do not hide the entry. If USER_IS_ADMIN == 1, use 
elevated privileges ; otherwise, don't.

* If USER_IS_ADMIN is not set or the RootRequired key doesn't exist in 
the entry, assume the value is "no".


Doing this will allow the following :

1) Non-admin users don't see all these programs for which they don't 
have the authorization anyway.

2) Elevated privileges are automatically used when needed.

3) Some programs, for example package management tools, can be run 
without elevated privileges (eg list installed packages, search for a 
particular package), but still need them for more control (eg actually 
install new packages). By using the "optional" value, non-admin users 
can still perform non-admin actions, while admin users can use the full 
capabilities of the program.


That's it :o) The attached patch adds the RootRequired key to the 
desktop-entry-spec. Can it be committed ?

Cheers,
Manu Cornet
-------------- next part --------------
A non-text attachment was scrubbed...
Name: desktop_entry_spec_add_root_required_key.patch
Type: text/x-patch
Size: 1094 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/xdg/attachments/20050829/8e738d09/attachment.bin

More information about the xdg mailing list