On Tue 28 Feb 2017 at 12:31:00 (+0000), GiaThnYgeia wrote: > As a user and as I understand it you should not be able to make > system-wide changes and many packages affect other parts of the system. > A user can install and run any package that does not affect the system, > as a stand alone. The system is a whole must be maintained by the > sysadmin for all users. That is my simplistic understanding. > Unless it is specifically configured otherwise I don't see why these > assumptions would be wrong. Imagine if I like MATE and the other user > likes X11 and I delete x11 and install MATE, or I install a package that > has dependency conflicts and replaces what is essential for the other > users' packages. > > Live systems allow you to install whatever you like as they assume you > are the root or sysadmin. > > At least that is how I understand security policy for this system.
Apart from not understanding what you mean by "installing packages as a stand alone", that all looks fine. My post merely demonstrated that synaptic is not unusual in being runnable by ordinary users. So your inability, and the need for a password, lies outside synaptic and in the realm of the DE, which set up the icon or menu that you use to the exclusion of other methods. In a sense my post was just a gloss on Jonathan Dowland's post. So why did I comment on _your_ post? Only days ago, I mentioned someone's old d-u assertions that you couldn't run aptitude as an ordinary user, which is not true. I didn't want your statement to give people the same false impression anout synaptic, especially as that someone uses synaptic. Both aptitude and synaptic can run by an ordinary user, and it's a very safe way to run them when you don't yet fully understand their abilities. > David Wright: > > On Mon 27 Feb 2017 at 11:13:00 (+0000), GiaThnYgeia wrote: > >> testingAmd64LXDE > >> > >> I have never, not once, been able to run synaptic in any similar system > >> without a root or a sudo password. Not to execute a command, just to > >> get the gui up you need a password. > > > > Why would that be? You should be able to do so. There's a popup > > window that says this: > > > > Starting "Synaptic Package Manager" without administrative privileges > > > > You will not be able to apply any changes, but you can still export > > the marked changes or create a download script for them. > > > > I can select packages, look at their properties, dependencies, > > installed files, get changelogs etc. I can edit some of the > > preferences. I can see the immediate effects of that in files > > like ~/.synaptic/synaptic.conf when I click OK. I can select > > packages for installation and it will write a little script > > for me: > > > > #!/bin/sh > > wget -c > > > > http://ftp.us.debian.org/debian/pool/non-free/i/ibm-3270/3270-common_3.3.14ga11-1_i386.deb > > > > So it suggests that the OP has set something in their system > > to cause the behaviour they observe, both the popup and the > > fact that a user's password is sufficient for installing software. > > > > I can run (the similar program) aptitude likewise. The main differences > > with synaptic are that aptitude is in the user's normal PATH (whereas > > synaptic is in /usr/sbin); when you try to install, it asks you to > > consider becoming root from the Actions menu; and if you persist, it > > gives you the option to become root in a dialog box, and you can then > > type the root password. > > > >> I don't know whether creating a user with 100% admin privileges will > >> still require a pass or not, I suspect it would still. As if you add a > >> user in the sudo group it is the user's pass that is asked. So > >> something is wrong on your specific installation. Cheers, David.
