[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Proposal for Fedora - "GKSUDO"

On Thu, 2007-12-06 at 15:52 -0500, David Zeuthen wrote:
> On Thu, 2007-12-06 at 14:59 +0100, Matej Cepl wrote:
> > On Tue, 04 Dec 2007 11:38:47 +0100, Patrice Dumas scripst:
> > > Unless there is something special for these pieces of code, anybody can
> > > submit those packages to fedora through the usual review process.
> > 
> > Not sure, ask davidz, but I am afraid most of them will horribly clash 
> > with PolicyKit/ConsoleKit.
> Right, it's going to be confusing to developers because they won't know
> what to use. So please don't do this. Also note that Ubuntu is switching
> away from gksudo to PolicyKit
> https://wiki.ubuntu.com/DesktopTeam/Specs/PolicyKitIntegration

Well, right - for their apps like the software updater.

But we still need a generic mechanism for asking a "wheel user" for a
password in a nice way to run an arbitrary command.  Use cases being
"rmmod iw3945" as spot mentioned, or developers restarting tomcat on
their local machine, editing /etc/yum.repos.d, really the list is
endless.  I guess though a sane way to start would be to restrict
"arbitrary command" to "tty app", without also supporting X apps.

> That, we already have consolehelper which does this. 

I guess you could make a consolehelper app called "runcommand" or
something which had UGROUPS=wheel?  Hm, I can't get it to work in a
quick attempt.

> And soon, as I
> wrote about in the other mail, we'll have the PolicyKit-powered
> consolehelper replacement that will make it very easy to manage
> authorizations on a per-app basis.

I'm just hoping we can land the bits so that removing the root password
from Fedora is as simple and manageable as flipping one switch - and
then we can flip that switch by default for the desktop config.  And
that we have a nice UI for prompting for the user password to run
arbitrary commands.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]