Sudo password entry using gnome password prompt

When I perform administrative tasks in the terminal, I often need to use sudo and enter my password. This is done inside the terminal, which is both annoying and insecure. It happens to me often enough that I start typing my password and then another program window opens, claims focus and grabs the rest of my password. Often happens after system boot when opening thunderbird, which seems to be slow to start.
Now I know that sudo has the -A option to use a helper tool as specified in either /etc/sudo.conf or via the SUDO_ASKPASS environment variable. Unfortunately I do not know what to put there.
I would like to use the same gnome popup window that I get when using ssh or gpg. How do I do that?

1 Like

https://man.cx/pkexec

1 Like

pkexec is pretty cool, but it does behave differently from sudo. I really like that with sudo I only need to enter my password every 5 minutes, so I can perform some tasks without having to type my password very often. Opening a root shell with pkexec would work in this regard, but it does not log me out after 5 minutes. Also, with sudo I can run graphical applications (in wayland, how crazy, didn’t know until I first tried 5 minutes ago :wink: ).

sudo tee /etc/polkit-1/rules.d/00-custom.rules << "EOF" > /dev/null
// Keep pkexec auth for 5 min
polkit.addRule(function(action, subject) {
    if (action.id == "org.freedesktop.policykit.exec" &&
        subject.isInGroup("wheel")) {
        return polkit.Result.AUTH_ADMIN_KEEP;
    }
});
EOF
sudo systemctl restart polkit.service 
2 Likes

Thanks a lot! That solves it for me. Cannot use graphical applications that way, but I haven’t run any graphical application as root for many years (until my test today), so no real need for me.

2 Likes