Checkbox

the system testing application doesn't indicate why it will need admin privileges

Bug #886661 reported by Brian Murray
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Checkbox
Fix Released
Medium
Jeff Lane 
Checkbox 0.14 "first_q_release"

Bug Description

Checkbox asks me to enter by password but the dialog box mentions that 'Systems Testing' lets me modify essential parts of my system. Does it really need to modify my system or is it only reading information about my system?

Tags: checkbox-ui

Related branches

lp:~bladernr/checkbox/qt-welcome-message
Daniel Manrique (community): Approve
Jeff Lane : Needs Resubmitting
Brendan Donegan (community): Needs Information
Marc Tardif (community): Needs Fixing
Diff: 100 lines (+24/-8) (has conflicts)
3 files modified
debian/changelog (+11/-0)
plugins/backend_info.py (+7/-3)
plugins/intro_prompt.py (+6/-5)
Nicola Heald (notnownikki)
affects: ubuntu-friendly → checkbox
Revision history for this message
Brendan Donegan (brendan-donegan) wrote :

For Ubuntu Friendly, as far as I know if only needs to read information about the system. For some tests which are used elsewhere modification if system files is required. We could potentially give a different message for different sets of tests, but I'm not sure how useful that will be for the amount of effort required.

Daniel Manrique (roadmr)
tags: added: checkbox-ui
Revision history for this message
Daniel Manrique (roadmr) wrote :

We're currently using gksudo and the -D option to set the application's description. This results in the default message: the application "system testing" lets you modify essential parts of your system.

We could potentially use the --message option in gksudo to completely replace the message. The man page for gksudo warns to "only use this if --description does not suffice". However I think given this bug, Checkbox falls in this category.

A generic explanation is that the superuser privileges are needed to run some data gathering tasks and some tests. For instance, the dmidecode run requires root privileges. These tests have user: root in their description. This could be phrased in a friendly, nice manner and put in plugins/backend_info.py. An equivalent option for kdesudo (and maybe plain old textmode sudo) needs to be found as well.

I'll set this as Triaged with importance: Medium (as it's important not to generate mistrust from users).

Changed in checkbox:
status: New → Triaged
importance: Undecided → Medium
Revision history for this message
Daniel Manrique (roadmr) wrote :

One way to do this would be to switch to using pkexec instead of sudo and friends. With pkexec, and as per the man page, a policy file can be written with a more friendly message, like:

"Authentication is needed to allow System Testing to gather information about your system and run some tests with special privileges".

Before deciding if this is feasible, we need to carefully look at the implications, particularly what would happen with the environ: variable passing mechanism needed for some superuser-level tests. Also, a way to automate this process (as can be done with sudo, so that it doesn't ask for a password if the system is configured in a certain way) needs to be found, mainly for high-volume environments where typing the password millions of times may be cumbersome.

With this analysis in mind, I'll milestone for 0.14 so we have a look at this in time for Q.

Changed in checkbox:
milestone: none → 0.14
Jeff Lane  (bladernr)
Changed in checkbox:
assignee: nobody → Jeff Lane (bladernr)
status: Triaged → In Progress
Daniel Manrique (roadmr)
Changed in checkbox:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.