I just installed fresh Manjaro KDE Stable to my parent’s laptop.
I’ve added them as regular system users so they can’t mess up system settings. I’d like to allow (only) software updates for them. Default system installer installed pamac as the GUI.
Where/how I could allow them to run only the system update utility (pamac-updater)?
The philosophy behind the modern Linux distro… @raspi if you want something similar to how executables can work on Windows without admin look into AppImages
% groups parentsname1
audio input lp optical storage video users sys network scanner power parentsname1
Now they can run the updates. They can also remove and install apps now. I’ll update this answer if I figure out if I can limit the remove/install. For now this is OK.
So now both parents are listed with “Standard” account type in User Accounts and if they mess with system settings which asks password (PolicyKit), it will fail, but they can update the system (specifically listed in sudoers) , which was that I wanted.
I would create a special group “pamac” or any other group instead of using the users group
And in the sudoers use the new group name instead of each users