So the way I installed Kicksecure was without granting root rights to user to lock it down better.
How can I make it so user can still do upgrade-nonroot without adding user to the sudo group?
Would changing the permissions to the upgrade-nonroot and apt-get-update-plus achieve this?
chmod 755 /usr/bin/upgrade-nonroot
chmod 755 /usr/bin/apt-get-update-plus
Would this be a stupid idea? (just want to be able to use user to update/upgrade not install packages)
So the way I installed Kicksecure was without granting root rights to user to lock it down better.
How can I make it so user can still do upgrade-nonroot without adding user to the sudo group?
By learning sudo. Unspecific to Kicksecure.
Would changing the permissions to the upgrade-nonroot and apt-get-update-plus achieve this?
I don’t understand how that is related. upgrade-nonroot is not unattended (automatic) upgrades.
related to automatic updates:
Not sure.
upgrade-nonroot is safe because it does not allow passing command line options.
That stackexchange answer if it permits arbitrary command line options then this might permit a user to not only upgrade but also remove/install packages as well as command line options that allow to escalate from user to root.