2009/11/18 Seth Vidal <skvidal@xxxxxxxxxxxxxxxxx>: >> I may be wrong, but I understand that this behaviour of PackageKit >> only applies to users with direct console access (i.e. not remote >> shells). So, only users that are logged in via GDM or TTY would be >> able to perform such tasks. >> >> This significantly limits the number of users with powers to install >> signed software -- almost to the point of where it sounds like a fair >> trade-off. If someone has physical access to the machine, then heck -- >> it's not like they don't already effectively "own" it. >> >> Not saying it's a good default policy -- but let's cool our heads. > > might be worth testing that feature with pkcon from an ssh terminal. I've > not done that yet but I think it would be worth checking out. Looks to be the case: bubba@localhost's password: [bubba@smaug ~]$ uqm Command not found. Install package 'uqm' to provide command 'uqm'? [N/y] * Installing packages.. * Getting information.. * Resolving dependencies.. The following packages have to be installed: autodownloader-0.3.0-3.fc12.noarch GUI-tool to automate the download of certain files Proceed with changes? [N/y] * Waiting for authentication.. The transaction failed: not-authorized, Failed to obtain authentication. [bubba@smaug ~]$ Let's calm down now, please. :) -- McGill University IT Security Konstantin Ryabitsev Montréal, Québec -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
