Use sudo to copy, move/rename, delete

[probonopd]

Our objective is that "mere mortals" will never use the Terminal to use the system.

Right now copy, move/rename, delete operations just fail if the user does not have the required permissions.
This makes it impossible to remove an application from /Applications without the Terminal, for example.

This is what happens:

Instead of showing an error, Filer should:

1. Set the SUDO_ASKPASS environment variable to /usr/local/bin/askpass (the experimental builds ship it already)
2. Launch sudo <helper> <action to be performed>

<helper> could either be the full filer-qt or a subset of it that just exposes the copy, move/rename, delete functionality.

Notes:

• In the Tools menu, Filer has "Open as Root" but it seemingly does nothing. Related?
• We don't want polkit

[kettle-7]

In the Tools menu, Filer has "Open as Root" but it seemingly does nothing

I don't know what is going on there, but if it's sudo-ing itself there shouldn't be a problem.

We don't want polkit

And that shan't change. PolicyKit is a mess of C libraries that love randomly crashing and dumpling their core.

Set the SUDO_ASKPASS environment variable to /usr/local/bin/askpass (the experimental builds ship it already)

Do you mind if I made a new askpass that gives a bit more explanation as to why it needs a password? A bit like the GNOME "An app is trying to do something that needs administrative permission. We ask for your password just to be on the safe side." That way the user knows what's going on, and the app still needs their consent, but you don't need a fully-fledged polkit implementation.

[probonopd]

Right now the main question is, how to intercept the error message shown above and bring up the "sudo itself" logic instead.

We need to find where the code that triggers the copying/moving etc. is and need to find a way for how to run it as root.

[kettle-7]

I tried to find the definition for fm_job_run_async with grep on all of the source files, and it only came up with two references and no definition. Nothing in any headers either...

[probonopd]

Sorry @linuxkettle I didn't mean to delete comments, just wanted to hide those that didn't add new information. Pressed the wrong button.

Most likely Filer is (still) using libfm for those actions. (Possibly we'll need to replace this by a small helper program written in Qt that could be run as root when needed to perform the operations.)

[kettle-7]

I wonder if it's defined in a system-wide header file?

P.S. my C compiler doesn't work

Edit

It isn't in any files in /usr/include.

[probonopd]

sudo pkg install libfm installs it.

[kettle-7]

That won't work if you change anything in the libfm folder, will it? Because as-is, isn't the libfm in the pkg repositories from the upstream PCManFM?

[kettle-7]

Are we using libfm or libfm-qt for Filer? Because both are subdirectories of /usr/share/include, but libfm-qt has an extra folder called core in it for all of the file operations. So it might be that Filer is compiling against those headers for the file and folder actions, in which case we need to find a way to copy those files and use modified versions of them.

[kettle-7]

Ah yes. Somehow Filer is compiling against these headers without any problems. The libfm folder you've got is incomplete, so no wonder I can't find the file I/O code in in: it isn't there.

[kettle-7]

I've added a PR now.

[kettle-7]

I don't know enough about GLib or C++ to add the sudo code myself, but it looks like you'll need it at libfm-qt/core/filetransferjob.cpp in an else case of the if loop on line 309.

[probonopd]

Possibly this could be used?

Blocked by:
sandsmark/polkit-dumb-agent#5

[probonopd]

Related KDE patch:
https://invent.kde.org/frameworks/kio/-/merge_requests/143

They are using polkit, which is imho too complicated and convoluted, but maybe we can use something simpler like sudo or https://github.com/sandsmark/polkit-dumb-agent.