kdesu ownership change

close the program, then delete the old file owned by your user,
example /.kde/share/config/yakuakerc then kdesu yakuake and
see that the file now is owned by root

confirmed. this is evil.

Removing the kdesudo package will fix this temporarily.

This is _NOT_ a security bug....

sorry :)

Like it says in the dup bug 132245 removing the package is not a fix, it's a workaround at best and not a great one. If we need you to test something you don't have the package to test any more, be prepared to reinstall if we need you to test things.

sudo apt-get remove kdesudo

.deb with fix.

uploaded to gutsy-proposed

Fix works, thank you

On the other hand, I consider this a sudo bug and not a kdesudo one.

Remove your yakuakerc file, and start it via : sudo yakuake

Then look at your yakuakerc file... :
-rw------- 1 root root 25 2007-10-21 12:24 .kde/share/config/yakuakerc

I don't if it is related, but a part of this bug is not solved. (confirming to marked as duplicate bug #144722.

I can indeed now start X-applications with root.

I still can't start applications as another user on my local system (user "test" in the below example) without doing "xhost +local:" (xauth does not work either) first. With the previous kdesu I didn't need to set "xhost +local:". Another change is that I don't need to fill in the password of user "test", but my own password that I also use when I want to start a root-application with sudo/kdesudo. So I can now access every user on my system with my own password. That is off course very handy, but confusing.

Tonio: this is sane for sudo, you shouldn't use sudo for graphical apps for exactly that reason. not a bug in sudo imo.

jeroenvrp: I'm working on this issue now.
You can have a look at my changes and test:

http://ubuntu.lnix.net/misc/kdesudo_debdiff_ubuntu3_dynamic_xauth.diff
http://ubuntu.lnix.net/misc/kdesudo_1.1-0ubuntu5_i386.deb

Please give feedback.

Tested kdesudo_1.1-0ubuntu3, but now I can't use kdesudo for root anymore (no permission for X). Reverted back to kdesudo_1.1-0ubuntu3.

Oeps...

Must read:

Tested kdesudo_1.1-0ubuntu5, but now I can't use kdesudo for root anymore (no permission for X). Reverted back to kdesudo_1.1-0ubuntu3.

Can it be something with your session? Tried logging out and back in?

I can certainly kdesudo to root and other users on two machines. with kdesudo_1.1-0ubuntu5.

Accepted into gutsy-proposed, please test.

@Frode: Yes, I even restarted X. When I downgraded to kdesudo_1.1-0ubuntu3, it worked again right after I'd downgraded. So I rather have kdesudo_1.1-0ubuntu3 than kdesudo_1.1-0ubuntu5.

jeroenvrp: Sorry, my bad. New deb up at same location.

Is the fix in the repos yet?

On 10/22/07, Frode M. Døving <email address hidden> wrote:
> jeroenvrp: Sorry, my bad. New deb up at same location.
>
> --
> kdesu ownership change
> https://bugs.launchpad.net/bugs/155032
> You received this bug notification because you are a direct subscriber
> of a duplicate bug.
>

@Frode: Thank you. The new deb (5 (2nd upload)) works fine, I don't need xhost +local: anymore to start X-applications as another (non-root) user. Only issue that remains (by maybe thats a feature) is the issue with the passwords. I have to give my own password (like sudo root) to start an X-app as another user.

That's how sudo works. It's like typing in a terminal:
sudo su anotheruser

On 10/22/07, jeroenvrp <email address hidden> wrote:
> @Frode: Thank you. The new deb (5 (2nd upload)) works fine, I don't need
> xhost +local: anymore to start X-applications as another (non-root)
> user. Only issue that remains (by maybe thats a feature) is the issue
> with the passwords. I have to give my own password (like sudo root) to
> start an X-app as another user.
>
> --
> kdesu ownership change
> https://bugs.launchpad.net/bugs/155032
> You received this bug notification because you are a direct subscriber
> of a duplicate bug.
>

I can confirm that kdesudo_1.1-0ubuntu5 fixes the problem mentioned in the dup bug #132245. When running 'kdesudo kwrite', kwrite now uses /tmp/kde-root and /tmp/ksocket-root.

kdesudo_1.1-0ubuntu5 also fixes the problems I had with root-konqueror
and dolphin (dup Bug #144722).
"echo $UID $HOME" in a root-dolphin's terminal now returns: 0 /root
Thanks for the fix.

@Martin: I have just tested kdesudo_1.1-0ubuntu2.1_i386.deb from gutsy-proposed.

This version does _NOT_ solve all problems:
kdesudo konsole ->
    root@test:~# echo $UID $HOME
    0 /home/jo
    root@test:~# pwd
    /home/jo
but should be /root imo.

Frode's kdesudo_1.1-0ubuntu5_i386.deb (from link given above) works fine.

Note: with both versions I get a warning during package update:
"/var/lib/dpkg/info/kdesudo.postrm: didn't understand being called with `upgrade' "

Please do not move kdesudo_1.1-0ubuntu2.1_i386.deb to gutsy-updates,
but continue with a version based on Frode's kdesudo_1.1-0ubuntu5_i386.deb.
Thanks

Ditto that.

On 10/25/07, jott <email address hidden> wrote:
> Please do not move kdesudo_1.1-0ubuntu2.1_i386.deb to gutsy-updates,
> but continue with a version based on Frode's kdesudo_1.1-0ubuntu5_i386.deb.
> Thanks

I also have this bug when using the "run as root" feature in Dolphin for example.
My workaround is to change the home folder and files permissions back to the user using the console, so far.
Is there a working patch available?
The ones posted above seem not to work 100%.

http://ubuntu.lnix.net/misc/kdesudo_1.1-0ubuntu5_i386.deb
This should work perfectly.

Seems simple-patchsys.mk isn't enabled for some reason in this package. Altered debian/rules to apply our patch (but not the other patches in debian/patches).

New package accepted into gutsy-proposed, please test.l

Is this the same version 1.1-0ubuntu5?

On Wed, Oct 31, 2007 at 08:24:03PM -0000, maybeway36 wrote:
> Is this the same version 1.1-0ubuntu5?

No.

What has changed in kdesudo "2.1" since kdesudo "5"? What was wrong
with version 5?

On 10/31/07, Jonathan Riddell <email address hidden> wrote:
> On Wed, Oct 31, 2007 at 08:24:03PM -0000, maybeway36 wrote:
> > Is this the same version 1.1-0ubuntu5?
>
> No.
>
> --
> kdesu ownership change
> https://bugs.launchpad.net/bugs/155032
> You received this bug notification because you are a direct subscriber
> of a duplicate bug.
>

With kdesudo 1.1-0ubuntu2.2 we are back to being unable to start anything non-root:

-----<FAILURE OUTPUT>---------
tvrtko@sol:~$ kdesudo -u safeav xosview
Xlib: connection to ":0.0" refused by server
Xlib:
No protocol specified

Can't open display named
-----</FAILURE OUTPUT>---------

Please bring version 5 into proposed. Why was version 2.2 introduced?

I have verified that kdesudo 1.1-0ubuntu2.2 fixes the issue of ownership. However I did receive this information when upgrading the package:

Preparing to replace kdesudo 1.1-0ubuntu2 (using .../kdesudo_1.1-0ubuntu2.2_amd64.deb) ...
Unpacking replacement kdesudo ...
/var/lib/dpkg/info/kdesudo.postrm: didn't understand being called with `upgrade'
Setting up kdesudo (1.1-0ubuntu2.2) ...

I have some questions:
1. Why was kdesudo 1.1-0ubuntu2.2 put in proposed?
2. How is it different from kdesudo 1.1-0ubuntu5, posted by Frode M. Døving and verified to work?
3. What is simple-patchsys.mk?

Can someone please bring Frode M. Døving's fix into gutsy-proposed?

Copied to gutsy-updates.

You can't run programs as non-root users (like you could in an earlier version) and I still have no clue what's going on.

Last upload to hardy fixes the issue.
THe patch has been merged with the bzr branch.

At least it works with root, as it sohuld, and normal users can get a fix. If they want to use different users, they can remove kdesudo and run kdesu.

Just checked today, as I saw that kdesudo was updated.
Still can't connect to X server. (original bug 144722, marked as duplicate of this one)

I'm a bit lost, did there exist a version that did not have this problem ?
If so, is this the fix that was uploaded to Hardy ? If that is the case, can we have a fix in Gutsy too ?

$ dpkg -s kdesudo
....
Architecture: amd64
Version: 1.1-0ubuntu2.2
.... .

$ kdesudo adept_updater
X Error: BadDevice, invalid or uninitialized input device 171
  Major opcode: 147
  Minor opcode: 3
  Resource id: 0x0
Failed to open device
X Error: BadDevice, invalid or uninitialized input device 171
  Major opcode: 147
  Minor opcode: 3
  Resource id: 0x0
Failed to open device
Xlib: connection to ":0.0" refused by server
Xlib:
No protocol specified

adept_updater: cannot connect to X server :0

Running apps as root worked for me; other users did not.

I have exactly the same behavior as wateenellende here.

kdesu version 1.1-0ubuntu2.2 doesn't fix it.

Duplicated bug 144722 describe my problem more accuratly than this one. Seems to me that it is not the same issue. My /home is through NFSv4 like described in the 144722 bug. The problem appears after an upgrade from feisty to gutsy.

I thought I had bug 144722 today, but it turned out to be a NFS permission problem. /home was exported without no_root_squash i.e. root_squash was in effect. (I was also using NFS4, fyi) I believe that this situation would prevent the sudo (or kdesudo) process from having access to the root owned files, such as ~/.kde/share/config/adept_updaterrc. I set no_root_squash on the export, remounted and my problem was solved.

I confirm that I have the same no_root_squash behaviour. Mounting my home this way granted access to kdesu. BUT, I don't think that this is a fix. Using no_root_squash introduce serious security problems and I don't want to mount my filesystems that way. Anyway, I didn't change nor update my NFS server recently and the upgrade was on the client side only. Feisty client was ok with the root_squash, not Gutsy.

@gogh: I do think your problem is a duplicate of this bug. If kdesudo
is working as it should, it never accesses files in ~/.kde, but only
in /root/.kde. So mounting your home file system with root_squash
should not be an issue if kdesudo is working correctly.

kdesudo_1.1-0ubuntu5_i386.deb as posted in one of the comments to this
bug, completely solved the problem for me.

IMHO, this is not a "NFS permission problem", because having
root_squash is desirable behaviour and not a problem. Secondly users
may not have control over the NFS server (such as here at work), so
root_squash will always be in effect, and kdesudo should work in such
an environment anyway.

Anyway, now we know what's going wrong:
kdesudo must work in an environment where the user's home directory is
not writable by root (but currently it doesn't).

On Nov 23, 2007 4:23 AM, Brian Buchanan <email address hidden> wrote:
> I thought I had bug 144722 today, but it turned out to be a NFS
> permission problem. /home was exported without no_root_squash i.e.
> root_squash was in effect. (I was also using NFS4, fyi) I believe that
> this situation would prevent the sudo (or kdesudo) process from having
> access to the root owned files, such as
> ~/.kde/share/config/adept_updaterrc. I set no_root_squash on the
> export, remounted and my problem was solved.
>
>
> --
> kdesu ownership change
> https://bugs.launchpad.net/bugs/155032
> You received this bug notification because you are a direct subscriber
> of a duplicate bug.
>

The current version of kdesudo in gutsy and hardy does not need root-write access to $HOME.
The kdesudo version released in the first gutsy, did however start programs as root, but with the users environment variables.
This evil and ugly bug told programs like adept, dolphin, konqueror and others,
to save their configuration files to the users $HOME/.kde/ folder,
even when the programs actually were running as the root user.
The result is root-owned files in the users home directory once a program is executed with kdesudo.
This issue is fixed in the ubuntu2.2 version in gutsy and in the hardy version.

One should check the user home directory for root-ownership on configuration files, as that can be frustrating.
Saving new configurations, bookmarks, settings etc. as the user might not work at all, if this is the case.

In that case, there must be something else wrong as well.

The kdesudo ubuntu2.2 did not work for me, programs could not connect to
the X server. If I recall correctly, issueing an "xhost +" would resolve
that.

Removing kdesudo and using kdesu instead worked for me.

Other people have reported that removing the option root_squash from the
NFS share made it work for them, but I am not root at the faculties main
file server, so I can't test that.

Frode M. Døving wrote:
> The current version of kdesudo in gutsy and hardy does not need root-write access to $HOME.
> The kdesudo version released in the first gutsy, did however start programs as root, but with the users environment variables.
> This evil and ugly bug told programs like adept, dolphin, konqueror and others,
> to save their configuration files to the users $HOME/.kde/ folder,
> even when the programs actually were running as the root user.
> The result is root-owned files in the users home directory once a program is executed with kdesudo.
> This issue is fixed in the ubuntu2.2 version in gutsy and in the hardy version.
>
> One should check the user home directory for root-ownership on configuration files, as that can be frustrating.
> Saving new configurations, bookmarks, settings etc. as the user might not work at all, if this is the case.
>

Looks like someone should file another bug.

On Nov 24, 2007 2:29 AM, wateenellende <email address hidden> wrote:
> In that case, there must be something else wrong as well.
>
> The kdesudo ubuntu2.2 did not work for me, programs could not connect to
> the X server. If I recall correctly, issueing an "xhost +" would resolve
> that.
>
> Removing kdesudo and using kdesu instead worked for me.
>
> Other people have reported that removing the option root_squash from the
> NFS share made it work for them, but I am not root at the faculties main
> file server, so I can't test that.
>
>
>
> Frode M. Døving wrote:
> > The current version of kdesudo in gutsy and hardy does not need root-write access to $HOME.
> > The kdesudo version released in the first gutsy, did however start programs as root, but with the users environment variables.
> > This evil and ugly bug told programs like adept, dolphin, konqueror and others,
> > to save their configuration files to the users $HOME/.kde/ folder,
> > even when the programs actually were running as the root user.
> > The result is root-owned files in the users home directory once a program is executed with kdesudo.
> > This issue is fixed in the ubuntu2.2 version in gutsy and in the hardy version.
> >
> > One should check the user home directory for root-ownership on configuration files, as that can be frustrating.
> > Saving new configurations, bookmarks, settings etc. as the user might not work at all, if this is the case.
> >
>
> --
> kdesu ownership change
> https://bugs.launchpad.net/bugs/155032
> You received this bug notification because you are a direct subscriber
> of a duplicate bug.
>

Just read my original bug report, 144722, which is marked as duplicate
of this one.

On Nov 24, 2007 4:47 PM, maybeway36 <email address hidden> wrote:
> Looks like someone should file another bug.
>
>
> On Nov 24, 2007 2:29 AM, wateenellende <email address hidden> wrote:
> > In that case, there must be something else wrong as well.
> >
> > The kdesudo ubuntu2.2 did not work for me, programs could not connect to
> > the X server. If I recall correctly, issueing an "xhost +" would resolve
> > that.
> >
> > Removing kdesudo and using kdesu instead worked for me.
> >
> > Other people have reported that removing the option root_squash from the
> > NFS share made it work for them, but I am not root at the faculties main
> > file server, so I can't test that.
> >
> >
> >
> > Frode M. Døving wrote:
> > > The current version of kdesudo in gutsy and hardy does not need root-write access to $HOME.
> > > The kdesudo version released in the first gutsy, did however start programs as root, but with the users environment variables.
> > > This evil and ugly bug told programs like adept, dolphin, konqueror and others,
> > > to save their configuration files to the users $HOME/.kde/ folder,
> > > even when the programs actually were running as the root user.
> > > The result is root-owned files in the users home directory once a program is executed with kdesudo.
> > > This issue is fixed in the ubuntu2.2 version in gutsy and in the hardy version.
> > >
> > > One should check the user home directory for root-ownership on configuration files, as that can be frustrating.
> > > Saving new configurations, bookmarks, settings etc. as the user might not work at all, if this is the case.
> > >
> >
> > --
>
> > kdesu ownership change
> > https://bugs.launchpad.net/bugs/155032
> > You received this bug notification because you are a direct subscriber
> > of a duplicate bug.
> >
>
> --
> kdesu ownership change
> https://bugs.launchpad.net/bugs/155032
> You received this bug notification because you are a direct subscriber
> of a duplicate bug.
>

Does anyone know how connections to X are made ?

If this is completely independent from any file owner issue, then bug 144722 is not a duplicate of this bug and should be treated separately. Unfortunately I can't find an "unduplicate" button.

Seems like a different issue, all right. I don't use NFS, and it works
fine here.

maybeway36 wrote:
> Seems like a different issue, all right. I don't use NFS, and it works
> fine here.

I thought the same, but maybe we are wrong.

Here's why:

gogh wrote:
> I have exactly the same behavior as wateenellende here.
> kdesu version 1.1-0ubuntu2.2 doesn't fix it.

Brian Buchanan wrote:
> I set no_root_squash on the export, remounted and my problem was solved.

gogh wrote:
> I confirm that I have the same no_root_squash behaviour.

However:
Frode M. Døving wrote:
> The current version of kdesudo in gutsy and hardy does not need root-write access to $HOME.

But if that is the case, why would root need write-access (through "no_root_squash") on $HOME to be able to connect to X ?

My guess (and only explanation) is that kdesu version 1.1-0ubuntu2.2 is still trying to write to $HOME to handle the connection to X.
So, a) it seems at least related to this bug; (and we can't "unduplicate" anyway); b) kdesu version 1.1-0ubuntu2.2 needs another fix.

I'm not sure about this, but I think you need *read* access on ~/.Xauthority to able to connect to X. With NFS root_squash, root is mapped to nobody, which would require .Xauthority to be world readable, which is not the case.

Can somebody confirm this hypothesis?

Wouter Horré: That sounds sane to me.

I have read what you all have posted and somewhat understand but not fully. I have been going round and round with this issue of kdesudo and cannot figure out what I need to do to get this fixed. I use gusty and have tried to get an answer as to how to fix this issue or how to get a fix for it. I have gone from KDE to Kubuntu groups and now here. Here is my post to a previous group ...

When my system boots up I get this message ... No command arguments supplied!
Usage: kdesudo [-u <runas>] <command>
KdeSudo will now exit...

After I click the "ok" button I try and start my wine programs hotpops2.11 which retrieves my hotmail and brings it into my Opera mail client and ypops which gets my yahoo mail. I have to uninstall kdesudo then it works a few times then I have to reinstall kdesudo then it will work a few times then I have to repeat the process. This only happens with these wine programs. I cannot find any information on kdesudo commands. I see kdesu but not sure if this is related to kdesudo nor do I understand what this programs if for and how it works.

Can anyone tell me how to fix this? Should I use xhost + local or something like that or force a certain version of kdesudo from somewhere?

This issue is probably due to one of the other programs you have
installed. It sounds very strange, but I doubt it is related directly
to kdesudo.

I disagree due to the fact that uninstall kdesudo and it works and after it stops working I reinstall it. It has something to do with kdesudo

I am getting an error when I install kdesudo ... wine: /home/ben/.wine is not owned by you

does this help to better define the error?

try:
sudo chown -R ben.ben ~
to make you own your stuff.
See if that fixes it. Make sure to upgrade kdesudo too.

Last upstream version fixes this

I am having the same problem as described above. Any help is appreciated.

curtiswtaylorjr, update your operative system!