1

I'm setting up limited accounts on my Arch Linux build to run proprietary software such as games or Windows binaries. These restricted accounts won't have read/write access in my personal folders or any other areas in my OS that I've deemed sensitive.

I'd be using the following command to run applications as a limited user:

bash -c 'xhost +local:steam;sudo -u steam -H steam /home/limited.users/steam'

This would of course require that I input my sudo password every time I launch something as a restricted user.

Trying to find a way around having to put that password all the time, I ended up coming across this article that was trying to do the exact same things as I was:

How to run Spotify and Wine under a separate user account

In a section called "Permit your own user account to launch commands under the wine account", he suggests editing visudo and adding the following line at the end:

His example:

bob ALL=(wine) NOPASSWD: ALL

More generically:

yourUSERname ALL=(theACCOUNTyourTRYINGrunUNDER) NOPASSWD: ALL

The prospect of being able to run apps as another user with fewer privileges than my own account without a PW is harmless to me. That being said, I don't have a very thorough understanding of visudo and I wanted to know if this line will do anything other than that?

1 Answer

2

Try

bob ALL=(wine) NOPASSWD: /home/limited.users/steam

The key point is that you can replace ALL with a comma-separated list of allowed commands.

Note that if there are other entries for bob without NOPASSWD, the rules without NOPASSWD may need to come first.

Archemar
  • 31,554
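The broad rule from the question and the scoped form from the answer, side by side as a sudoers drop-in. This is an added example, not part of the question, the answer or the linked article; the file name, bob as the invoking account, and the binary paths /usr/bin/steam, /usr/bin/wine and /usr/bin/winecfg are assumptions.

```sudoers
# /etc/sudoers.d/limited-apps   (hypothetical file name)
# Edit with: visudo -f /etc/sudoers.d/limited-apps
#
# Layout of a user specification:
#   user  host = (runas_user)  TAG:  command_list

# Broad form from the question, left commented out for comparison.
# bob may run ANY command as the steam account without a password.
# The runas list names only steam, so this rule grants nothing as root
# or as any other user. The cost is that every process running as bob
# can start arbitrary commands as steam with no prompt.
#bob ALL=(steam) NOPASSWD: ALL

# Scoped form from the answer: replace ALL with a comma-separated list
# of commands, each given by absolute path (paths below are assumed).
bob ALL=(steam) NOPASSWD: /usr/bin/steam
bob ALL=(wine)  NOPASSWD: /usr/bin/wine, /usr/bin/winecfg

# A command listed without arguments matches any arguments. To permit
# it only with no arguments at all, append an empty string:
#bob ALL=(steam) NOPASSWD: /usr/bin/steam ""

# Ordering: when several entries match, sudo uses the LAST match.
# If bob also has a general password-protected rule such as
#   bob ALL=(ALL) ALL
# it has to appear before the NOPASSWD lines above, otherwise it
# overrides them and the password prompt comes back.
```

`visudo -cf /etc/sudoers.d/limited-apps` checks the syntax before the file takes effect, and `sudo -l -U bob` run as root lists the rules that apply to bob.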