How to grant Stuart passwordless access to privileged read-only commands, like those normally requiring sudo.
For a broader discussion of Stuart's security posture and agentic AI safety considerations, see SECURITY.md.
- 📋 Overview
- ⚡ Quick Setup
- 📜 What the Helper Allows
- ⚙️ How It Works
- 🚫 Without Polkit
- 🔧 Customising
- 🛡️ Security
- 🔍 Troubleshooting
Stuart runs with much the same environment and permissions as your user. However, some Linux commands need root to return useful data (e.g. smartctl for disk health, dmidecode for hardware info, ss -p for socket process ownership).
Stuart uses polkit for privilege escalation:
- A privilege helper script acts as a whitelist of approved commands
- A polkit rules file authorizes the helper for admin users
- MCP servers call
pkexec stuart-privilege-helper <command>when root is needed - If polkit is not configured, Stuart falls back to clear error messages with
sudocommands you can run manually
Stuart works without polkit. Polkit just removes the friction of running sudo commands manually.
Three commands, one-time:
# From the stuart plugin directory:
sudo cp config/polkit/stuart-privilege-helper /usr/local/bin/
sudo chmod 755 /usr/local/bin/stuart-privilege-helper
sudo cp config/polkit/49-stuart.rules /etc/polkit-1/rules.d/
sudo chmod 644 /etc/polkit-1/rules.d/49-stuart.rulesVerify with /setup check-privileges in a Stuart session, or from the command line:
python3 stuart/scripts/setup.py check-privileges- polkit must be running — check with
systemctl status polkit. Standard on all modern desktop Linux installs - Your user must be in the wheel group (standard for sysadmins on Fedora/RHEL;
sudogroup on Debian/Ubuntu) - pkexec must be installed (part of the polkit package)
The helper script (stuart-privilege-helper) is the whitelist. Only commands listed in it can run with root privileges:
| Command ID | Runs | Why root is needed |
|---|---|---|
smartctl-scan |
smartctl --scan |
Direct disk access |
smartctl-health |
smartctl -a <device> |
Direct disk access |
nvme-list |
nvme list |
NVMe device enumeration |
nvme-smart |
nvme smart-log <device> |
NVMe health data |
blkid-probe |
blkid -p <device> |
Low-level superblock probing |
pvs-list |
pvs --noheadings |
LVM physical volume listing |
vgs-list |
vgs --noheadings |
LVM volume group listing |
lvs-list |
lvs --noheadings |
LVM logical volume listing |
dmidecode-system |
dmidecode -t system |
BIOS/firmware tables |
dmidecode-baseboard |
dmidecode -t baseboard |
Motherboard info |
dmidecode-bios |
dmidecode -t bios |
BIOS version info |
dmidecode-memory |
dmidecode -t memory |
RAM module details |
lsof-device |
lsof <device> |
Processes using a device |
ss-processes |
ss -tulnp |
Socket process ownership |
nft-list |
nft list ruleset |
Firewall rules (nftables) |
ethtool-info |
ethtool <interface> |
NIC link status and settings |
ethtool-driver |
ethtool -i <interface> |
NIC driver information |
dmesg-recent |
dmesg --since -1h |
Recent kernel messages |
dmesg-tail |
dmesg -T |
All kernel messages |
dnf-check-update |
dnf5 check-update --refresh |
Package update metadata |
Arguments are validated by type:
- device — must start with
/dev/ - iface — alphanumeric, hyphens, dots, max 15 characters
- no argument — commands with no argument type reject any extra input
The helper also includes commented write/modify commands (systemctl, firewall-cmd, dnf) that power users can enable. See the helper script for details.
Stuart needs root for smartctl:
-> calls: pkexec stuart-privilege-helper smartctl-health /dev/sda
-> polkit checks 49-stuart.rules:
Is user in wheel group? yes
Is session active and local? yes
Is program /usr/local/bin/stuart-privilege-helper? yes
-> polkit authorizes (no password prompt)
-> helper validates: "smartctl-health" is in whitelist,
/dev/sda starts with /dev/ yes
-> helper runs: smartctl -a /dev/sda
-> output returns to MCP server -> to Stuart -> to you
If polkit is not configured, pkexec fails immediately (no password prompt, no hang) and Stuart falls back to suggesting the sudo command.
Everything still works — tools that need root return clear error messages:
Permission denied running smartctl.
This command requires elevated privileges.
Run manually: sudo smartctl -a /dev/sda 2>&1
For automatic escalation, install the Stuart polkit policy.
See: /setup check-privileges
Edit /usr/local/bin/stuart-privilege-helper and add entries to the COMMANDS dict:
COMMANDS = {
# ...existing entries...
"my-custom-cmd": (["my-tool", "--read-only"], False),
"my-device-cmd": (["my-tool", "--info"], "device"),
}False= no additional arguments accepted"device"= accepts one/dev/*path as final argument"iface"= accepts one network interface name as final argument
Edit /etc/polkit-1/rules.d/49-stuart.rules and change "wheel" to your preferred group:
if (!subject.isInGroup("your-group")) {Delete or comment out entries in the helper script's COMMANDS dict.
What the shipped polkit policy grants (you can customise this — see Customising):
- Passwordless execution of specific read-only commands via
pkexec - Only for users in the
wheelgroup - Only on active local sessions (logged in directly, not SSH by default)
- Only via the helper script (which validates command IDs and arguments)
What the policy does NOT grant:
- No package installation, removal, or updates
- No service management (start, stop, restart)
- No filesystem writes (mount, mkfs, fdisk)
- No arbitrary command execution — only commands in the helper's whitelist
- No network configuration changes
- No access from SSH sessions (unless logind considers them active+local)
No passwords are stored or transmitted. The polkit rules file and helper script are plain text — audit them at any time.
| Problem | Solution |
|---|---|
| "Not authorized" from pkexec | Check you're in the wheel group: groups |
| Policy not taking effect | Restart polkitd: sudo systemctl restart polkit |
| Helper "command not found" | Check /usr/local/bin/stuart-privilege-helper exists and is executable |
| SELinux denial | Check audit log: sudo ausearch -m AVC -ts recent |
| Wrong command paths | Helper uses bare command names resolved via PATH. Check with which smartctl |
| SSH session rejected | polkit requires active local session. SSH sessions may not qualify depending on PAM/logind config |
/setup check-privileges says "modified" |
You've edited the installed files. This is fine — Stuart just reports it for awareness |