7

To the close voters: seemingly a dupe, but not quite, at least not of the suggested one: in the linked question, the commands can be added safely to the sudoers file. In case of an IDE, it is a bad idea.

So I have installed arduino IDE from the software center. Here is the thing, I need to run the command "sudo arduino" from the terminal, for arduino IDE to work correctly for me. Don't get me wrong, whenever I run the arduino from its normal icon, it works also fine. I am just using a specific library which does not compile correctly if I don't use the "sudo arduino" command to open my IDE (not sure why).

Since I need to always open the terminal, I was wondering if it is possible to create a .desktop file (or a .sh maybe?) that I can just click and will run the "sudo arduino" IDE. I want to avoid opening the terminal every time, if possible.

Thanks in advance!

Update 1 ---------------------------------------

I am not interested in just avoiding using the sudo command when launching the IDE from the terminal (so instead of writing "sudo arduion" to write "arduino"). What I want is to avoid using the terminal all together, and have an icon on my desktop that when clicked will run the arduino IDE similarly to going in the terminal and writing "sudo arduino".

Jacob Vlijm
  • 83,767
Metalzero2
  • 205
  • 4
    Possible duplicate of How do I run specific sudo commands without a password? – Sergiy Kolodyazhnyy May 07 '16 at 23:24
  • @Serg I would not say so (but maybe you are right). They are similar but I am interested in the specific example of the Arduino IDE. It's the first time I found that you can run the same program with different admin rights. It's like there two types of IDEs, the "normal version" and the "root version". I want to know how to run the "root version" by double clicking a icon on my desktop. – Metalzero2 May 08 '16 at 14:00
  • @Serg, to the close voters: seemingly a dupe, but not quite: in the linhked question, the commands ar save to add to the sudoers file. In case of an IDE, it isn't! – Jacob Vlijm May 08 '16 at 15:41
  • Dimitris, there is difference in IDE behavior likely because sudo gives you slightly different environment variables. As for the suggested duplicate, you will need that in order to make sudo arduino command run just by double clicking. Otherwise it will wait for password and never launch from .desktop file. You can use gksu too buy after 125 times of writing your password in, you'll get sick of it – Sergiy Kolodyazhnyy May 08 '16 at 22:11
  • @DimitrisPantelis what's the specific library that you are talking about ? – Sergiy Kolodyazhnyy May 08 '16 at 23:00
  • 2
    I agree with @Serg that you should fix the real issue instead of implementing a dangerous workaround. (And in addition to what he says about environment, file ownership/permissions can be another reason for your problem.) – JanC May 09 '16 at 14:45

2 Answers2

5

Suggesting this is a dupe assumes adding Arduino to the sudoers file is a good idea, which it isn't. Never add an application that potentially ruins your system, or edits code to ruin your system to the sudoers file, simply because it as a security risk.

Only add applications or scripts to the sudoers file if:

  • the code cannot be edited (stored in a location that requires administrator's permission to write on), and

  • the application does not have the potention to edit code of other applications or scripts.

What to do in this case

  1. Copy the existing .desktop file to ~/.local/share/applications: 

    cp /usr/share/applications/arduino.desktop ~/.local/share/applications

  2. Open the file with gedit: 

    gedit ~/.local/share/applications/arduino.desktop

    and add a section at the bottom of the file:

    Actions=Arduino IDE with sudo;

[Desktop Action Arduino IDE with sudo]
Name=Arduino IDE with sudo
Exec=gksu arduino
OnlyShowIn=Unity;

Now arduino runs "normally" when you click on it, but has the right-click option to run with sudo:

enter image description here

Notes

  • If you don't have gksu installed (on 16.04, it is pre-installed), you need to run first:

    sudo apt-get install gksu
  • You probably need to log out /in for the edited launcher to be effective.

Alternatively

If you don't want the Arduino icon locked to the launcher, add the command as a keyboard shortcut: choose: System Settings > "Keyboard" > "Shortcuts" > "Custom Shortcuts". Click the "+" and add the command:

gksu arduino

to a shortcut of your choice.

Jacob Vlijm
  • 83,767
  • 1
    gksu is definitely not preinstalled on Ubuntu 16.04 for me (fresh install). You should use pkexec instead. Also, can you state in short why using sudo is better than adding to sudoers file? Because it's permanently this way? – verpfeilt May 08 '16 at 15:19
  • @verpfeilt [2] is a bad idea because you should never have an application added to the sudoers file which is capable of creating and/or editing code that can potentially do anything on your system. anyone, or malicious code, is capable of doing malicious editing in that case. On my fresh 16.04, gksu is installed! It is an appropriate way to run sudo from the gui. – Jacob Vlijm May 08 '16 at 15:23
  • Isn't the application also able to do the same with sudo/gksu/pkexec? Also, I'm pretty sure you are wrong with gksu. Although, it indeed is a proper way to do this, I agree. pkexec looks like the way the Ubuntu updater does it, though, so I think it's the proper way to do it on ubuntu. – verpfeilt May 08 '16 at 15:58
  • @verpfeilt on my system, pkexec coes not work when running arduino, ("could not find display"). The difference is that you should choose to run with sudo, an be aware of it if it happens. If you add an IDE to the sudoers file, I can easily write a script that ruins your system, without knowing your password and without you even noticing what happened. – Jacob Vlijm May 08 '16 at 16:07
  • 1
    Pkexec dosnt work out of the box on graphical applications, and if you do go through the steps to do so it may also be a secuurity issue - argubly the proper way is for the developers to write in functionality to securily use pkexec only when the app needs it, but that isn't going to hapen right? ;p http://askubuntu.com/questions/287845/how-to-configure-pkexec – Mateo May 08 '16 at 22:30
  • @JacobVlijm you are right. I only tested pkexec with a command line tool. Seems like it is expecting to run Mir by default. So gksu still seems to be the tool of choice. I like your answer, it's definitely what he should do if he is using the launcher. Still, I think that people may get the impression that this method is also technically more secure, though it's just a better method that remembers you about what is happening. – verpfeilt May 09 '16 at 13:36
1

Copy the .desktop file and edit the copy with gedit (or any text editor), i.e. by opening the editor and dropping the file into the editors window. You will see a line beginning with Exec=, something like Exec=/path/arduino. This line needs to be modified accordingly, then save the changes.

If you want to read more about desktop files I recommend:

Question: Making .desktop files - Just a few questions
Specification of Desktop files: https://standards.freedesktop.org/desktop-entry-spec/latest/index.html

Start with sudo rights by typing a password

Install gksu using the command sudo apt-get install gksu. Now, use gksu instead of sudo (Exec=gksu /path/arduino) and you will be prompted with a password input field like gparted does, when you are starting via the desktop file.

verpfeilt
  • 2,874
  • for multiple reasons, a bad idea 1. don't edit the original, 2. don't add an application like arduino to the sudoers file,. – Jacob Vlijm May 08 '16 at 14:55
  • 1
    Using pkexec instead of gksu or gksudo works out-of-the-box on Ubuntu without any additional packages, and is now the preferred method for getting superuser authentication. –  May 08 '16 at 14:58
  • Nick: Thanks for the note, I will replace gksu with pkexec.

    Jakob: I changed (1) to make a copy and to (2) I made clear what I am reffering to. If you can explain why (2) is a bad Idea, please add as a comment or edit my answer.

     – verpfeilt May 08 '16 at 15:06
  • [2] is a bad idea because you should never have an application added to the sudoers file which is capable of creating and/or editing code that can potentially do anything on your system. anyone, or maliceous code, is capable of doing maliceous editing in that case. – Jacob Vlijm May 08 '16 at 15:24