Launch application as root not as sudo

I want to open and use neovide as root, but when on any user profile

  • I basically want to do this because everytime i have to change anything in my configuration file i have to go in there as root
  • On top of that if i open neovide as a user it shows all the folders, through the telescope plugin, of which that user has access to, which is really nice when you just want to move around your system, really makes it feel like im in a terminal
  • But when i try to go to the nixos folder with my configuration from neovide it doesnt show it to me through the telescope plugin, i can still navigate to it from netrw but kind of defeats the purpose of using neovide, at that point i might as well go back to the terminal
  • I just want neovide to always open as root on any user account so that i can just navigate my entire system from there and i dont need to go back to the terminal just to edit a few files

This is a completely unnecessary endeavor and i realize that, but it is something i wish to do on my system because it is just a nicer way of doing things for me, if there is any way i can make this happen please let me know

Currently i have tried the following

Custom Script

I tried making a simple neovide-root.sh file with the following code

#!/bin/bash
su
cd /
neovide

and i ran it as bash neovide-root.sh

but all that ended up doing was switching to root and doing nothing, since i started the script in my user profile any effect that that script were to do would only occur in my profile, and if i were to exit and switch back to m user then the rest of the script would execute

Custom *.desktop File

i also tried making a neovide-root.desktop file by doing this

[Desktop Entry]
Type=Application
Terminal=True
Exec=sudo neovide "$@"
Category=Utility

and then i just ran it with rofi and it did turn on

but as you can imagine it was only given sudo privilages and not root ones
i also tried switching the Exec command to be su && neovide and su neovide but they just did the same thing as the script up above

Security.sudo in the Configuration file

i applied the sudo privilage, nopasswd setting in the configuration file by doing this

    security.sudo = {
	enable = true;
	extraRules = [{
	    groups = [ "wheel" ];
	    commands = [
		{
		    command = "/run/current-system/sw/bin/neovide";
		    options = [ "NOPASSWD" ];
		}
	    ];
	}];
    };

and i still didnt get root access
i however do think that this setting did function properly and the only reason i didnt get root access to files and folders is because of course as the setting itself says it gives sudo access to everything not root access, but i guess at this point i just hoped it would

These were all my attempts and hopefully someone can tell me that i want to do is possible and i dont have to back and forth between my terminal and neovide

So, if this is your underlying goal, why not just make your configuration owned by your user? You can place the configuration in your home directory, and then use NIX_PATH=nixos-config=<path-to-configuration.nix>.

You can then make that permanent with nix.nixPath.

This is kinda inadvisable, as this would allow any process to gain root permissions through neovide.

A less insecure approach would be to teach neovide to use pam to elevate its permissions when you ask it to open a file it doesn’t have permissions to, as that would allow it to give you a password prompt. I’m not a user of vi or any of its descendants, so I’m not certain how you would set that up, but I’m sure plugins for that exist.

Either way, that particular detail is probably something you’d get better suggestions for in neovide-related spaces than on this discourse.

1 Like

interesting, i guess ill see where to go then

did not know about this, but with what your saying, im getting that i should do this

mv configuration.nix /home/username/configuration.nix

then go into my configuration.nix file and then do the following

NIX_PATH=nixos-config=/home/username/configuration.nix
if nix.channel.enable
then [
  "nixos-config=/home/username/configuration.nix"
];

did i miss something or is this correct

Almost. See the wiki entry here: Nixos-rebuild - NixOS Wiki

Ok i tried that out and it was a bit confusing but it worked, for anyone that wants to know the ways of changing their configuration location here is the gist,
Guides

Moving the file to another folder

  • Take your configuration.nix file from /etc/nixos and then move it to the/new/path
  • Once that is done, go into your config file and explicitly reference files that are still in your nixos folder, e.g, i use dwm and its config is currently referenced as src = ./dwm and i changed it to src = /etc/nixos/dwm

Add new location to your config

  • After the re-referencing you are supposed to add the following code to your config,
nix.nixPath = [
  "nixos-config=the/new/path/configuration.nix"
  "nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos"
];
  • Just add this anywhere and you’ll be fine

Making changes permenent

Before we make anything permenent we must first point to the new location temporarily using this,

sudo nixos-rebuild switch -I nixos-config=the/new/path/configuration.nix

This will tell the system where your config file is now located and when it reads the file itself then it will write the new location, which we added earlier, as the new permenent location

  • If after this you receive a bunch of errors about not finding nixpkgs then that means that its still confused about the shift, all you have to do is enter the following,
    sudo nixos-rebuild switch -I nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos

and then all problems will be solved and you can now just do nixos-rebuild switch as usual

2 Likes

though i would like to know what is this pam you speak of, is this a program that is designed to elevate permissions

Before that, one note:

Instead of doing that, personally I would create a directory in the new location and also move those files, as well as change their permissions. No reason to keep them in the root-owned directory at that point, and nix will resolve relative paths to wherever configuration.nix is.

Just don’t use a /etc/nixos directory at all, basically.


Kind of. Wikipedia has a decent description. It has a dbus API which lets applications just authenticate against it with nice IPC, which in turn then lets applications gain various privileges depending on what else is installed. One thing this can expose is root permissions, kind of like a program interface for sudo.

Of course, neovide could also just call sudo for you whenever you ask it to open a file it doesn’t have permissions to open. However this is implemented, IMO neovide should manage asking for appropriate permissions when needed, you shouldn’t just give it a blanket permission to do anything all the time.

2 Likes