Re: apt as a user

To: shawn wilson <ag4ve.us@gmail.com>
Cc: debian-user <debian-user@lists.debian.org>
Subject: Re: apt as a user
From: Vanessa <vanessa@ulukai.org>
Date: Fri, 31 Oct 2014 21:29:44 +0100
Message-id: <[🔎] 5453F138.7050707@ulukai.org>
In-reply-to: <[🔎] CAH_OBidMMDPKcr9NScW7=BpabFs_k2CQH9j_cT2+zX+AQY+Kmw@mail.gmail.com>
References: <[🔎] CAH_OBidZWKUGqO++pgcvau-U2FwSZT+Ro+XcMMTN0jTGnJ4Adg@mail.gmail.com> <[🔎] 5453B364.5090205@yandex.com> <[🔎] CAH_OBifh3DaadFYrup51DVL9iN6fuyvCoQ+Dcy3QXr7MAfmOYQ@mail.gmail.com> <[🔎] 5453BB72.8010703@ulukai.org> <[🔎] CAH_OBidMMDPKcr9NScW7=BpabFs_k2CQH9j_cT2+zX+AQY+Kmw@mail.gmail.com>

On 2014-10-31 19:36, shawn wilson wrote:
> On Fri, Oct 31, 2014 at 12:40 PM, Vanessa <vanessa@ulukai.org> wrote:
>> On 2014-10-31 17:17, shawn wilson wrote:
>>> On Fri, Oct 31, 2014 at 12:05 PM, Mario Castelán Castro
>>> <marioxcc.MT@yandex.com> wrote:
>>>> El 31/10/14 09:29, shawn wilson escribió:
>>>>
>>>>> I'm trying to allow an apt user to run apt* commands. I've got this
>>>>> polkit:
>>>>>
>>>>> /etc/polkit-1/localauthority/30-site.d/10-org.com.foo.apt.pkla
>>>>>
>>>>> [Configuration]
>>>>> AdminIdentities=unix-user:apt
>>>>> Action=org.debian.apt.*
>>>>> ResultAny=no
>>>>> ResultInactive=no
>>>>> ResultActive=yes
>>>>>
>>>>> However when I: su - apt
>>>>> it looks like nothing has changed:
>>>>>
>>>>> $ apt-get update
>>>>> E: Could not open lock file /var/lib/apt/lists/lock - open (13:
>>>>> Permission denied)
>>>>> E: Unable to lock directory /var/lib/apt/lists/
>>>>> E: Could not open lock file /var/lib/dpkg/lock - open (13: Permission
>>>>> denied)
>>>>> E: Unable to lock the administration directory (/var/lib/dpkg/), are you
>>>>> root?
>>>>>
>>>>> I've got aptdaemon installed. Any idea what I'm doing wrong here?
>> If I'm reading the description and documentation of aptdaemon right, you
>> need to use an aptdaemon client, which would be aptdcon in the same
>> package. But the fetching and installation would then be done by
>> aptdaemon, which would still be run as root and not the user executing
>> aptdcon.
>>
> Ahha, that sorta worked:
> $ aptdcon --safe-upgrade
> The following packages will be upgraded (31):
> [.....]
> Do you want to continue [Y/n]?Y
> ERROR: You are not allowed to perform this action.
>
> ('system-bus-name', {'name':  ':1.50'}): org.debian.apt.upgrade-packages
>
>
> So, I'm guessing there's something wrong with my polkit rule?
After some experimenting (Thanks for the excuse to finally do some
polkit diggging :P ) it seems you need Identity instead of
AdminIdentities. Also the other Result* lines should be set to yes, too.
This worked for me:

[Configuration]
Identity=unix-user:apt
Action=org.debian.apt.*
ResultAny=yes
ResultInactive=yes
ResultActive=yes

Reply to:

References:
- apt as a user
  - From: shawn wilson <ag4ve.us@gmail.com>
- Re: apt as a user
  - From: Mario Castelán Castro <marioxcc.MT@yandex.com>
- Re: apt as a user
  - From: shawn wilson <ag4ve.us@gmail.com>
- Re: apt as a user
  - From: Vanessa <vanessa@ulukai.org>
- Re: apt as a user
  - From: shawn wilson <ag4ve.us@gmail.com>

Prev by Date: Re: Perfect Jessie is something like this...
Next by Date: Re: Camera SD card mounting problems (defined by systemd)
Previous by thread: Re: apt as a user
Next by thread: Systemd and Unix
Index(es):
- Date
- Thread