What’s the proper way to edit a root file in a gui editor?
Please don’t say “just use vim”…
I’m on xfce. I’ve tried:
pkexec xed /etc/fstab
sudo xed /etc/fstab
it works, but, with lots of warnings, and it uses a default theme with terrible contrast that makes comments unreadable.
I thought I’d copy the xed theme from /home/me to /root but I can’t even find it.
I’ve just tested sudoedit and sudo nano.
Looks like sudoedit is basically a better sudo nano, with extra syntax highlighting, and it opens the file in a temp location and only saves it back to the intended file at the end, which is arguably safer.
It’s still nice to know that opening a privileged gui is a possibility, even it shouldn’t be a first choice, even if it’s usually not needed.
I can see where the warnings about running gui apps as root are coming from, but I’d like to think I can trust a simple gui application that’s been part of a distro for years - I certainly trust it more than some of the other, non-gui apps I’ve had to install, like drivers from the AUR.
Just for the lulz, I tried using VSCode, but the sandbox wouldn’t let me. That’s reassuring
You should never use a GUI program with sudo. So, to edit a root owned text file, you have two options:
Don’t use a GUI text editor, but a terminal text editor and run it with sudo, like vim, nano, joe, ed (and sed) etc. etc.
Use a GUI text editor, but without sudo.
The second option will not work on every GUI text editor, but some of the better ones, like Kate, have polkit support, so they ask you for your sudo password. If you don’t use a GUI text editor with polkit support, you’re stuck using a terminal text editor.
What you should never do is launch a GUI program with sudo.
No, you definitely cannot.
This is not because the GUI applications are inherently untrustworthy, they are not, but because GUI applications are very complex. GUI programs have a lot of dependencies, graphics libraries, widget toolkits, etc, etc… Millions upon millions of lines of code, which were never designed to be run as root, and were never tested with root privleges (it is actually impossible to test them). You have no idea what that code does when it is run as root, there could be bugs in it (like buffer overflows) that are only problematic when run as root. And nobody bothered to test this code, since it is not supposed to be run as root anyway. Three almost certainly are such bugs, because of the complexity of the code, and the fact this code is just reused and reused.
Moreover, most GUI programs will write to your home directory, potentially messing up permissions on your files. This will create a number of other strange bugs and unpredictable behaviour when you are not root. It’s a total mess that is really difficult to fix.