I understand the basic idea of why it doesn’t run the actual processes as root. I have no complaints there. The real problem is that it will ask your password and then on long updates (especially with build processes) you can’t necessarily sit there watching it the whole time. I’ve had timeouts in the past but also pretty much every time it takes a long time I end up wasting lots of extra time with it doing nothing but sitting there waiting.
What I’d really like to do is just disable the timeouts only for pamac/pacman. Then it could just elevate when it needs it and wouldn’t have to ask again after the first time.
If that isn’t possible I’d like to know where I might make a suggestion. All it has to do is keep the temporary elevation from timing out. Essentially just do some null operation in a thread within the same environment. Like sometimes I just do “sudo echo ok” in a prompt when I’m waiting on something (for some reason my password is the one thing I can’t type with good accuracy. I think because I type it too much.) That keeps it from timing out on that particular session while I’m waiting on something else to complete so I won’t have to authenticate again.
I don’t want to eliminate the timeout system-wide. It’s there for a reason. Just for the updaters. (Actually, it would be great if it could do the aur updater too, but that one is trickier since it likes to wait until the very end. I’ve had a bunch of long builds fail due to timing out. I wish it would ask once at the beginning, keep it from timing out via a method such as the above, and then it wouldn’t need the password at the end.)
You probably have to tweak either sudoers file of a pkexec policy, but i am not competent enough so i will leave other users to advise how exactly.
That said, a comment from me: don’t do aur updates through pamac gui. I use yay for that purpose, and it actually builds everything in home and asks for the password at the very end before package installation. And it does not matter if it times out because the package is already built in cache and you can always just install it later with pacman -U.
I mean, the password at the end is actually kind of literally the same problem. I don’t know about you, but I don’t sit there and stare at yay while it’s doing larger operations. Unfortunately, by the time I usually check back in it has already timed out and I have to redo parts of the process. (Also, it does this per package, so that means usually it has blocked at the first large one and then there are more to repeat this with.)
At least pamac can pop up a password prompt while I’m doing other things if I’m actually at the computer. Yay has its password prompt in the console where I won’t know about it. I really wish yay asked for the password at the beginning and kept it live similar to the above.
As a side note, it would be a pita, but technically they could elevate and then actually do things as the user instead of root. At least I know su can do su [username] and you can do su -c. Once privileges are elevated, su is passwordless. So these things could actually use a password first and still do the things as user and root as needed.
That’s a handy suggestion. Again, if a user does not want to mess around with the sudoers file, a drop-in should do the trick. This command should set the sudo timeout to 20 minutes for the specific user only:
echo "Defaults:$USER timestamp_timeout=20" | sudo tee "/etc/sudoers.d/set-sudo-timeout-for-$USER-to-20-minutes"
I forgot sudoers moved to the conf.d format, yes it is the easier and cleaner way.
I said above that I use yay -Syu --sudoloop, and it does just that. Enter the password once, then it will refresh sudo in the background.
If you are unfamilar with yay, it is the same parameters as you pass pacman, but also works with AURs. (Also, it’s one of the most common Arch way of working with AURs.)
Note that a yay -Syu would also do the regular sudo pacman -Syu at the same time in that command. So it seems like that is just what you need!
But I do like to update them separately, like a sane person.
Can’t remember to type that every single time on yay. I’d hate to alias since aliases sometimes cause issues with stuff like that, but it may be the only way.
And you shouldnt use an alias for that.
Use the config.
If you dont know how or dont want to edit the configuration file then tell yay to save the option.
yay --save --sudoloop
Of course understand there are caveats that this is technically less secure etc.
