Ubuntu
gksu package

gksudo could be more user friendly

Bug #13731 reported by Jay Camp
30
Affects Status Importance Assigned to Milestone
gksu (Ubuntu)
Fix Released
Wishlist
Sebastien Bacher

Bug Description

This is similar to bug #7964, but I didn't want to reopen it since I didn't have
a part in it. Plus I'm looking at this on an even deeper level. Running
programs as root is still terribly confusing.

When a user wants to run the Ubuntu Update manager, that is what they expect.
Instead (if authorization has expired) they are sidetracked into authorizing
through this external program. A one-step process has been turned into a
two-step process. While we obviously need to keep both of these steps, they
should be integrated to feel like it's more of a one-step process.

Example:

When running the Ubuntu Update Manager, for instace, gksudo says:

Window Title: Changing user...
Message: Please enter your password to run /usr/bin/update-manager as user
root

There are at least three problems I see with this. First of all the bit about
changing user really isn't valid. Behind the scenes, yes, their user has
changed. But from their perspective all that's known is that they now have
rights to accomplish their task. Second is that it gives the text
"/usr/bin/update-manager", which doesn't mean much to them. In the menu it's
called something totally different. Third is that it mentions the root user,
which for all intents and purposes, doesn't even exist in Ubuntu.

(I also wonder why some of these root programs are residing in /usr/bin, but
that's for another bug...)

This is my proposal for our example. It's easy to see how all other
applications would follow this format:

Window Title: Ubuntu Update Manager
Icon: update-manager.png
Message: Ubuntu Update Manager requires administrative privileges to run.
 Please enter your password.

gksudo --title "Ubuntu Update Manager" --icon
/usr/share/pixmaps/update-manager.png --message "Ubuntu Update Manager requires
administrative privileges to run. Please enter your password."

Now it seems that this dialog is _part_ of Ubuntu Update Manager and flows with
the task. One might could argue that you could reduce the message down to

"Please enter your password to run Ubuntu Update Manager."

But I think they should still have some idea that this program can change things
on their computers (for good or bad) that they wouldn't otherwise be able to.

Problems:

* Translation of the gksudo message as well as the program name
    * (both of these could be obtained from its .desktop file)
* Text is very long with the current wording (see attachment)
    * patch gksudo to wrap text or shorten text
* Adding the icon to the dialog
    * this is also available from the .desktop file

Revision history for this message
Jay Camp (jayc) wrote :

Created an attachment (id=1581)
Example

Revision history for this message
Matt Zimmerman (mdz) wrote :

Sounds nice; did you modify gksu to create your example, and if so could you
share the patch with us?

Revision history for this message
Jay Camp (jayc) wrote :

gksu didn't have to be modified at all for the example. I just executed this to
simulate what it could do.

gksudo --title "Ubuntu Update Manager" --icon
/usr/share/pixmaps/update-manager.png --message "Ubuntu Update Manager requires
administrative privileges to run. Please enter your password."

I'm thinking about patching gksu like this. It'd be a lot shorter than above
and alleviate the translation issues. The following would be an example of
what's changed in update-manager.desktop:

Exec=gksudo --desktop update-manager.desktop /usr/bin/update-manager

So that it could read

a) the translated name of the program to display
b) the icon to show

The generic message would need to be changed in gksu and retranslated.

I'm more than open to other suggestions on how to implement this.

Revision history for this message
Matthew Paul Thomas (mpt) wrote :

Athentication alerts should use the stock authentication icon, which the current
alert does
<http://developer.gnome.org/projects/gup/hig/2.0/windows-alert.html#alerts-authentication>.
But there are other things that could be improved in the current alert:
1. The title should be removed. As noted in comment 0 the current title is
inaccurate; but alerts shouldn't have titles anyway, because (in general, even
if not in particular) they're unhelpfully redundant with the alert text.
<http://developer.gnome.org/projects/gup/hig/2.0/windows-alert.html>
2. The default button would make a bit more sense as "Continue" than as "OK".
3. The Cancel and Continue buttons would be faster to use if they responded to
Cancel and Enter, not Alt+C and Alt+O.
4. The program name should be in quotes (to avoid occasional non-sequiturs),
and could be put earlier in the sentence to ease scanning of the text.

So, something like this:
 ____________________________________________________
|::::::::::::::::::::::::::::::::::::::::::::::::::::|
| |
| _ To run the program "Ubuntu Update Manager", |
| |_| you need to enter your password. |
| |:::| _______________________________ |
| '"""' Password: [_______________________________] |
| |
| ( Cancel ) (( Continue )) |
|____________________________________________________|

Revision history for this message
Jerome Haltom (wasabi) wrote :

I have created enhancement bugs (bug #16965, bug #16966 and bug #16967) which
are related to this. I believe all three enhancements would increase the
functionality of the gksudo scenario.

Revision history for this message
Gustavo Noronha Silva (kov) wrote :

Matthew, about using Esc and Enter instead of Alt+o and Alt+c: they already do
work; I believe you're against having two ways of doing the same thing (I
remember having read this in an article you wrote), do you suggest avoiding the
stock cancel button or something like that? I don't think that'd be good.

Revision history for this message
Matthew Paul Thomas (mpt) wrote :

True. I didn't know there was such a thing as a stock cancel button. if Alt+C
and Alt+O are controlled by stock buttons, they should be fixed separately, not
worked around here.

Revision history for this message
Joachim Noreiko (jnoreiko) wrote :

The mockup in #4 looks gret, but it could also have a help button that leads to
a documentation page that explains the concepts of root user & sudo.

Revision history for this message
Sebastien Bacher (seb128) wrote :

*** Bug 26071 has been marked as a duplicate of this bug. ***

Revision history for this message
Carthik Sharma (carthik) wrote :

Since the message has changed since in Dapper, and the new message does include a variation of the desired messages, can this bug be closed now?

Thank you for reporting and working on this bug.

Changed in gksu:
status: Unconfirmed → Needs Info
Revision history for this message
Jay Camp (jayc) wrote :

The message in Dapper is:

The application '/usr/sbin/synaptic' lets you modify essential parts of the system.

I still see some problems with this. It still gives the path to the executeable which isn't very user-friendly or descriptive.

I think it'd be better if it said "The application <b>Synaptic Package Manager</b> lets you modify essential parts of the system."

Bolding it would quickly focus the user onto what they are about to grant access to.

Revision history for this message
Sebastian Heinlein (glatzor) wrote :

You could open a bug against gnome-panel. gksu supports desktop files to extract application names. I switched the gksu calls in (not of) update-notifier, gdebi and gnome-app-install to the desktop file mode.

As Carthik already mentioned, I changed the messages in gksu to a hopefully more user friendly style. Furthermore I synced the messages in desktop mode and the default messages in gksu.

Gnome-panel could make use of KDE's setuid feature in the desktop files. At the moment we include the gksu call in the exec option of the menu items.

By the way the messages introduced by Ubuntu specfic patches can be translated through rosetta.

Regards,

Sebastian

Changed in gksu:
status: Needs Info → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.