Package Management Blows Goats (use cases)

Colin Walters walters at redhat.com
Tue Jul 31 17:22:39 UTC 2007


On Tue, 2007-07-31 at 05:18 -0400, Alan Cox wrote:
> On Tue, Jul 31, 2007 at 09:51:33AM +0100, Richard Hughes wrote:
> > Toby logs into his desktop. A notification area icon with a critical
> > icon appears in the top right and a libnotify popup tells him there are
> > 3 three critical security updates. The libnotify popup has three
> 
> Who is Toby, is he authorised to install updates ?
> 
> One big problem throughout the Fedora and RHEL code is that nobody has
> been willing to actually distinguish between install types at install
> time. That is what causes the limits on automounting file systems, it is
> what stops us doing Ubuntu type sudo and it is what breaks this.
> 
> We need to know if the system is
> 	- User managed
> 	- Centrally managed
> 	- Physical access implies control (typical home PC)
> 
> and ask that in a sane fashion

I only see two cases, and neither involves asking.

1) The person at the computer is "responsible" for it
2) Someone else is responsible

The solution is simple - default to 1) for CDs downloaded from the
Fedora website.

For 2), make it convenient for the responsible person can set things up
in whatever paranoid fashion they like - say person at computer has to
stand on one foot and spin around, then swipe their fingerprint and type
four passwords before they can download software.






More information about the fedora-devel-list mailing list