On Fri, Oct 31, 2014 at 11:29:26AM -0400, shawn wilson wrote: > I'm trying to allow an apt user to run apt* commands. I've got this polkit: > > /etc/polkit-1/localauthority/30-site.d/10-org.com.foo.apt.pkla > > [Configuration] > AdminIdentities=unix-user:apt > Action=org.debian.apt.* > ResultAny=no > ResultInactive=no > ResultActive=yes > > However when I: su - apt > it looks like nothing has changed: > > $ apt-get update > E: Could not open lock file /var/lib/apt/lists/lock - open (13: > Permission denied) > E: Unable to lock directory /var/lib/apt/lists/ > E: Could not open lock file /var/lib/dpkg/lock - open (13: Permission denied) > E: Unable to lock the administration directory (/var/lib/dpkg/), are you root? > > I've got aptdaemon installed. Any idea what I'm doing wrong here? Unless I'm misunderstanding what you want to do, you could just use sudo. Run 'visudo' to edit the /etc/sudoers file and add this line in the "User privilege specification" section: apt ALL=NOPASSWD: /usr/bin/apt-get * The NOPASSWD part is optional. You could omit it and the apt user would have to enter a password to run apt-get. The '*' is a wildcard. You could omit it and be specific, like this: apt ALL=NOPASSWD: /usr/bin/apt-get update apt ALL=NOPASSWD: /usr/bin/apt-get upgrade This would allow both of those commands to be run by the apt user. -Rob
Attachment:
signature.asc
Description: Digital signature