I have an application written in qt5 that may need root rights when saving a file. That is, the user himself chooses in QFileDialog :: getSaveFileName () where to save it. And if he chooses something of type in / etc, then he may need root rights.

So, how to organize it? That is, the root rights request should occur exactly when the user chooses a save path that cannot be rooted without. Who will advise what? Are there any ready-made arrangements for this?

  • The easiest way to give this application (the executable file, of course, and not to any interpreted script) is the -s and owner root bits (but carefully calculate all the consequences, we don’t know what your application can do in principle). - avp

3 answers 3

My five kopecks.

With the help of QFileInfo, the availability of the record (or access in general) is checked with the help of: permission () or isWritable () or to look at the documentation.

Further, really, we cause the third-party application through su / sudo. Option two:

  1. Save the file to a temporary storage (/ tmp / XXXX) and copy with sudo cp . To read, if not enough rights, the same, but in reverse order. You must not forget about the original access rights and restore them later.
  2. Similarly, we use sudo cat and sudo tee to read and write using standard input and output streams. In this case, intermediate files will not be required, but it will be necessary to be more confused with reading / writing to the process channel.

In both cases, you need to read the standard error stream and, when prompted to enter a password, display a dialog box asking for it and pass it to the process's stdin + '\ n'.

    Your program should initially run in elevated privilege mode (root), that is, it should be run from a user who has access to the directory you need. If this is not the case, it is impossible to access the files, because the operating system will not allow this. You must run your program using sudo. For information about file permissions, you can use QFile::permissions()

    • No, this option is not suitable. And there are applications that request root rights during operation. - zamazan4ik

    There is an option. You can start a child process on behalf of the superuser, connect to it through the pipe and get access to the desired file in this way.

    • What do you think about using polkit? - zamazan4ik
    • @ zamazan4ik technically, this glucodrome implements what I described. Only in a complex way with a bunch of stupid bells and whistles and the involvement of D-Bus. An enthusiast with the letter P, who guesses to stick a purely user-specific phenomenon (dbus) in the heart of the OS, should sit on a hot frying pan without candies. I think so. - gbg
    • Well, I understand you. That is, I should write a combine application, which I will call upon every action that may require root rights, causing it with root-rights, will it perform all these actions? - zamazan4ik