LinuxCommandLibrary

gksudo

Run graphical applications with root privileges

TLDR

Run a command as a specific user

$ gksudo [[-u|--user]] [userid] [command]
copy

Run the command while preserving the current environments
$ gksudo [[-u|--user]] [userid] [[-k|--preserve-env]] [command]
copy

Force gksudo to use su to run the command
$ gksu [[-u|--user]] [userid] [[-w|--su-mode]] [command]
copy

Force gksudo to use sudo to run the command
$ gksudo [[-u|--user]] [userid] [[-S|--sudo-mode]] [command]
copy

Output debug info for the given command
$ gksudo [[-u|--user]] [userid] [[-d|--debug]] [command]
copy

SYNOPSIS

gksudo [options] [--] command [arguments]

PARAMETERS

-D, --description TEXT
    Set dialog description text

-d, --display DISPLAY
    X display to use

-g, --grabs
    Grab X server (disables session control)

-k, --keep-fd
    Keep file descriptors open (less secure)

-K, --close-fd
    Close file descriptors after exec

-S, --stdin
    Read password from stdin

-u, --user USER
    Run as specified user

--message TEXT
    Set custom dialog message

--print-pass
    Print password to stdout

--sudo-cmd CMD
    Use alternative sudo command

-h, --help
    Show help message

-v, --version
    Show version info

DESCRIPTION

gksudo is a graphical wrapper around the sudo command, tailored for GNOME desktop environments. It displays a user-friendly authentication dialog prompting for the administrator password before running a specified command with elevated privileges. This is particularly useful for GUI applications, system tools, or scripts needing root access without cluttering the terminal.

Built on the gksu library, gksudo integrates seamlessly with GNOME's look and feel, supporting features like custom dialog descriptions and messages. It sets the SUDO_MODE environment variable to ensure sudo-specific behavior, distinguishing it from gksu which defaults to su.

Common use cases include launching administrative tools like gparted or software updaters from menus. However, due to evolving security models, it's less common today, with PolicyKit-based tools preferred for finer-grained authorization.

Installation typically comes via the gksu package on Debian/Ubuntu systems.

CAVEATS

Deprecated; vulnerable to X11 session hijacking. Avoid in scripts or untrusted environments. Use pkexec or PolicyKit instead. Not installed by default in modern distros.

ENVIRONMENT NOTES

Preserves DISPLAY, HOME (as root), and desktop vars. Sets GKSU_NOEXIT for error handling.
Avoid piping sensitive input.

USAGE EXAMPLE

gksudo --description 'Update system' apt update
Runs apt update with sudo via GUI prompt.

HISTORY

Introduced in 2002 as part of gksu package by Carlos Garnacho for early GNOME. Peaked in Ubuntu 6.06-16.04. Abandoned upstream ~2012 due to security flaws (e.g., fd leaks, grabs). Removed from Ubuntu 18.04+; forks exist but unmaintained.

SEE ALSO

sudo(8), gksu(1), pkexec(1), polkit(8)

Copied to clipboard