cross-posted from: https://discuss.online/post/34255100
Thought I’d create a distinct thread from the previous one asking about daily use, because I really do want to hear more on people’s pain points. Great to know people are generally sounding pretty positive in those posts who recently switched, but want to know your difficulties as well! This way old and new users can share their thoughts, hopefully to inspire a respectful discussion.
Debian in its GUI (at least KDE, which I’m using at the moment) demanding the root password to install the updates it’s blinking at me about in the tray all the time. In this context, demanding a password at all is rather silly (Windows doesn’t require your password to install updates in a single user environment, and it doesn’t even pop up a UAC prompt) and this is going to be yet another one of those things that prior Windows users will moan about, declaring that “Linux is complicated and hard” and drive them back to the comfort of the devil they know when they feel like their own computer is actively trying to stymie them at seemingly every turn.
My user account is a sudoer so there is absolutely no technical reason my own password shouldn’t work. And, in fact, if I run updates via apt in a terminal it does. But allowing updates to install from the desktop environment, something ostensibly ought to be a routine userspace kind of operation, requires everyone using the system who might want to do this to know the system-wide root password. This is a monumentally stupid idea.
I am well aware there are myriad ways around this but they all involve hand-editing config files and come with stern warnings about “this may break your system so proceed ‘carefully,’” as if anyone who is not already an experienced Linux nerd will know just what the hell “proceeding carefully” is supposed to look like.
The inevitable XKCD comic succinctly sums this up:
The UNIX permissions and administration model may have made great sense on glass teletypes in the '70s and when nobody knew any better, but it’s certainly long outmoded now. It’s going to make a lot of people very angry to read this, but that’s actually one of the few things that Windows does much better, at least starting from NT onwards.
Hear me out: It still makes sense for servers, shared hosting, etc. So … where Linux has predominantly been the tool of choice.
It probably does. And in e.g. such a headless system, it makes sense as the default. Or more likely, whoever set that system up set it up in the way they want it to behave, hand-editing config files be damned because that certainly wouldn’t have been the only config file they had to edit.
From a home desktop computer perspective, however, it’s baffling. At minimum that should be one of the questions in the graphical installer: “Would you like Debian to make your routine installation of software updates annoying? Yes/no. You cannot change your choice on this later without doing a bunch of scary commandline shit.”
Oh I realize I didn’t mention this in my original comment at all. I agree with you 103%. I want to write a separate comment about this very thing, updating things in general on Linux. I have my dad daily driving Linux along with me, and he’s somewhere between a power user and a regular “need web, document editing and PDFs” type of guy, and there is such a wide spread of software from such a wide spread of “sanctioned” installation sources on Linux, that he never really knows how to update … Anything.
Here’s a random list of “ways to update a program” we have encountered in the last few weeks off the top of my head:
If anyone thinks of other ways to add to this list, feel free to post them, would give me a laugh for sure.
We are both definitely not going anywhere, but we have constant conversations about how it would be nearly impossible to daily drive Linux if you are not very technically inclined, and how these things make Linux very much “not ready for prime time”, because people are simply used to “X needs update! Do you want to update now? [Yes] [No] [Later]”, and the Update just … WORKING.
Couldn’t you just replace the old appimage but have the same file name?
While I have switched from Windows to Mint with most of my PCs, permissions are the single most annoying thing I still deal with on Linux. And have been over the last decade of trying out distros over the years. I truly detest the way permissions work and were the main reason it took me so long to switch. The current political world and tech company garbage is what did it.
Doesn’t Ubuntu disable the root user out of the box and expect these actions to be performed via sudo/polkit. There is clearly a precedent for not needing a root password and being able to use your own user’s password for these kinds of things. So it is a monumentally stupid idea to require the system-wide root password, but not one that is done by all of linux, and seems to be a decision made by your distro to not use the modern solution.
The fact is though, you’re right and the pain point is that distros are still doing things the silly way.
If I can
sudo apt installwithout requiring a password, I could generate a package that installs a custom sudoers config file that allows me to do anything, so “passwordless sudo, but just for apt” is potentially easily exploitable to gain full access. But that also still assumes A) you care and B) someone has access to your account anyway (at which point you may already have bigger problems)I run KDE Plasma on Debian. Discover (the GUI for package updates) has never demanded the root password.
I wonder why yours would do that. Maybe the difference is because my root account doesn’t have a password? If you’re already a sudoer, you might try that.
I’m not sure what app that is.
Software upgrades package on Fedora without requiring a password, so that future is a reality for some.
Reading up on PolKit and ACLs would probably be good.