Desktop Entry Spec : RootRequired entry

Dave Cridland dave at cridland.net
Fri Sep 2 13:40:08 EEST 2005 

On Fri Sep  2 10:48:04 2005, Waldo Bastian wrote:
> What I would like to see clearified is whether, in case of 
> "RootRequired=Yes", the menu system should do whatever is needed to 
> run the program as root, or whether that is the responsibility of 
> the application itself.

I think the answer is probably that its the Menu system's problem. 
Most applications which do require root access have no internal 
method of acquiring it, and it's a difficult piece of code to do 
right. Moreover, although it could be wrapped into the .desktop file 
itself, how to obtain root access is a property of the distribution, 
not the application, and it makes sense to abstract that.

>  In KDE the menu system typically calls kdesu to run the 
> application as root when it indicates that it requires root, but 
> there are also cases where an application is started with normal 
> user privileges but which will require the root password later on.

Interesting, and it depends on what you want the RootRequired for. 
It's either display, or launching.

Personally, I quite like both:

1) Application will not run without root access:
RootRequired=Yes

2) Application will run in a limited manner without root access, and 
has no method for acquiring root access internally:
RootRequired=Optional

3) Application will run in a limited manner without root access, and 
has internal method for acquiring root access:
RootRequired=Internal,Optional

4) Application will not run without root access, but has internal 
method for acquiring root access:
RootRequired=Internal,Yes

5) Application will run normally without root access:
RootRequired=No

A) Display.

If RootRequired is Yes, the Menu system SHOULD present some indicator 
with the entry.

If the user is somehow known NOT to have root access (and there are 
multiple methods for doing this), then if RootRequired contains Yes, 
the Menu system MAY suppress the entry.

If RootRequired contains Optional, then if the user is known to have 
root access, the Menu system MAY treat the entry as RootRequired 
contains Yes in every respect. If the user is known not to have root 
access, the Menu system MAY treat the entry as RootRequired contains 
No in every respect.

B) Launching:

If RootRequired contains Internal, then for launching purposes, the 
Menu system MUST treat the entry as if RootRequired=No. Otherwise:

- If RootRequired=Yes, the Menu system MUST run the program as root 
(via kdesu, or whatever method is most suited. [We should probably 
define some single method for this, for the ease fo the 
distributions]).
- If RootRequired=Optional, the Menu system MUST attempt to acquire 
root access (via kdesu, etc), but if this fails, the application MUST 
be run as the normal user.

C) Syntax:

Informally: RootRequired MUST, if specified, include Yes, No, or 
Optional. It MAY contain Internal. We should probably work in some 
form of capability-style expansion space, and decide how to treat 
them in current applications, so we can describe the capabilities 
actually required.

For Linux, we might only need CAP_NET_ADMIN for a network control 
panel, for instance. I'm very unclear on how we might specify that 
kind of notion on, say, Solaris, though - I have no clue about the 
portability of this. I'd would assume that if we added specific 
capabilities, this would be treated as RootRequired=Yes if an 
implementation didn't understand them.

Dave.

More information about the xdg mailing list