After a long discussion on #ubuntu-devel I now understand the thinking.
gksu can be installed on 13.04 with sudo apt-get install gksu
and it will work.
If you decided to install gksu and are using the 64-bit version you'll need to run gksu-properties
once to set the authentication to sudo. There is no need to do this on 32-bit as it's set to sudo by default.
However gksu is not recommended any more and it may be removed entirely from future issues of Ubuntu. In general the development team would prefer us not to use GUI applications as root but to use sudo and the command line instead.
In the long term pkexec is preferred however it's not very easy to use at the moment.
pkexec allows an authorized user to execute PROGRAM as another user. If username is not specified, then the program will be executed as the administrative super user, root.
see the man page man pkexec
for more information.
In the mean time you can open a terminal CTRL+ALT+T or search for terminal in dash.
Do not close the terminal until you have finished this is important as the GUI program is a child of the terminal and if you close it the GUI program will also close.
Enter sudo -i
You are now logged on as root so can make the changes you want for example
gedit path_to_file
to edit a configuration file, or
nautilus
to run the file manager
When you are finished close the GUI application then in the terminal
exit
You can now close the terminal.
sudo -i
should work in reverse too but you need to state which user you want to run as:
DISPLAY=:0 sudo -i -u oli zenity --info --text "Oh hai!"
Best Answer
Graphical applications often store settings and other user-specific data in configuration files written inside the user's home folder. The main mechanism applications use to determine what they should use as the user's home folder is the
HOME
environment variable. (You can inspect it yourself withecho $HOME
).Suppose you're running
gedit
(a graphical text editor) asroot
. If you runsudo gedit
,HOME
will continue to point toward your home directory, even though the program is running asroot
. Consequently,gedit
will write configuration files asroot
into your home directory. This will sometimes result in the configuration files being owned byroot
and thus inaccessible to you (when you later run the program as yourself and not asroot
). This mainly happens when the application has to create a new configuration file. Newly created files, by default, are owned by the user who creates them (who in this case isroot
, not you).That's the primary reason why you should run graphical applications with a graphical
sudo
frontend rather than with straightsudo
. In Ubuntu and most of its derivatives (including Xubuntu and Lubuntu), the standard graphical frontend isgksu
/gksudo
. In Kubuntu it iskdesudo
. (It depends on the desktop environment being used.)If you want to use
sudo
directly to run a graphical application likegedit
, you can run:The
-H
flag makessudo
setHOME
to point toroot
's home folder (which is/root
).That still won't automatically handle the ownership of
.Xauthority
by copying it to a temp folder (this is the other thing that graphicalsudo
frontends take care of for you). But in the infrequent event that.Xauthority
is inaccessible, you'll get an error saying it is, and then you can fix the problem by deleting it (sudo rm ~/.Xauthority
), as it's automatically regenerated. Thus, protecting.Xauthority
's ownership and permissions is less important than protecting the ownership and permissions of configuration files.In contrast to a
root
-owned.Xauthority
, when configuration files become owned asroot
, it's not always as obvious what the problem is (because graphical programs will often run, but not work very well, and output any useful errors to the console). And it's sometimes a bigger hassle to fix, especially if you're in a situation where you want one or more files in your home directory to be owned by someone other than you (because then you cannot fix it simply by recursivelychown
ing all your files back to yourself).Therefore,
sudo
(at least without-H
) should not be used to run a graphical application unless you are highly familiar with the app's inner workings and know for sure that it does not ever attempt to write any configuration files.