Enabling package installation for non-root users

To: debian-devel@lists.debian.org
Cc: Jens Dreger <dreger@physik.fu-berlin.de>
Subject: Enabling package installation for non-root users
From: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
Date: Thu, 23 Feb 2012 16:32:18 +0100
Message-id: <[🔎] 1330011138.26511.6.camel@z6>

Hi,

I'm looking for a way to enable non-root users to install packages on
their local machines, but not removing/purging them.

I know that probably the proper way to achieve that is PackageKit, but I
was wondering if there is also a way to allow the use of apt-get, with
constraints for certain options.

A possible solution would be an entry like this in the /etc/sudoers:

user host=(root) NOPASSWD: /usr/bin/apt-get update
user host=(root) NOPASSWD: /usr/bin/apt-get install [[\:alpha\:]]*
user host=(root) NOPASSWD: /usr/bin/apt-get -s install [[\:alpha\:]]*

However, apt-get accepts options even after specifying the package list
and also allows to remove packages by appending a minus sign.

For example, with the above entries:

apt-get install -q <package> will fail, however, apt-get install
<package> - won't. Also, apt-get install <package>- allows the removal
of packages which we don't want.

Is there a sane way to use /etc/sudoers like above or should we
completely refrain from that and use PackageKit?

Regards,

Adrian

Reply to:

Follow-Ups:
- Re: Enabling package installation for non-root users
  - From: Neil Williams <codehelp@debian.org>
- Re: Enabling package installation for non-root users
  - From: Josselin Mouette <joss@debian.org>
- Re: Enabling package installation for non-root users
  - From: Philip Hands <phil@hands.com>

Prev by Date: Re: Multiarch file overlap summary and proposal
Next by Date: Re: Default display manager should not be gdm3
Previous by thread: Re: Intent to file mass bugreports for ia32-libs*
Next by thread: Re: Enabling package installation for non-root users
Index(es):
- Date
- Thread