GNOME panel and sudo

[Manu Cornet]

Hi !

> I don't think we want this since this won't understand the file grammar
> and can lead to some false positives.

Right. I probably shouldn't overlook this.

>>* Directly use the "sudo" command. If I type "sudo -l", then I can see
>>what types of commands I am allowed to run (and that's all I need). The
>>problem is that it needs my user password ; and asking the user to type
>>his password a second time when his session is opening is of course out
>>of the question. But, since we need a setuid root anyway, maybe there is
>>a way to run a "sudo -l", as root, to get info about a particular user
>>(but I don't know how to do that).
> 
> And then? You'll need to parse the output of this and it might be
> complex...

Hmmm, but there's only one line left to parse ?... :) All right, it's 
probably noy the best thing to do. And by the way, I tried Julien's way 
(become root then su USER -c "sudo -l"), it works for my own user 
because my sudo password was still cached, but it needed a password for 
another user. Anyway... if there's no proper way to do that without 
requiring a password, it's not the good idea :)

> I also liked Danilo's idea:
>   export USER_IS_ADMIN=1
> But it just moves the problem to the start of the session, instead of
> having it in gnome-menus ;-)

Well, since I'm working on gnome-menus, I would agree with that ! ^^ I 
do think this is a pretty good solution, since we might want to use this 
information for other purposes. For example : as default, hiding the 
notification zone (where Ubuntu tells you there are updates available) 
to non-sudoers. This does not belong to gnome-menus (right ?), and we 
probably don't want to add a helper in multiple places ?

Manu