Hi guys, using the new updated kicksecure, but since the user and sysmaint account is seperated, I don’t know how to access files between the accounts. For instance, I have an openvpn script in user but I can’t run it if I have to reboot after using sudo. I also may have other times where I need ro run sudo on user files specificly and directories are not linked afaik. Can anyone support me here? Thanks.
Shouldn’t OpenVPN things be doable via the network manager widget and not need root permissions?
In general, there are a few solutions if the reboot isn’t an option:
- You can remove user-sysmaint-split and go back to having a sudo-enabled user account. You can do this by rebooting the system, then selecting
REMOVE user-sysmaint-split | enable unrestricted admin mode
in the boot menu. Follow the on-screen directions after doing this. - You can automatically run things as root on bootup or login by creating a systemd unit for it.
- You can place your script under
/usr/local/bin
, then create a privleap action that runs it with the appropriate arguments. Then you can use theleaprun
utility to run the script as root even while booted into a user session. Theprivleap.conf.d
andleaprun
manpages should give you the needed info to do that, and there are lots of existing privleap config files in/etc/privleap/conf.d
to give you examples of what to do. You can put your new config file in/etc/privleap.conf.d
.
2 Likes
Documented here:
Applications requiring Administrative Rights during User Session
1 Like