2009/11/19 Simon Andrews <simon.andrews@xxxxxxxxxxx>: > Bill Nottingham wrote: >> >> Jeff Garzik (jgarzik@xxxxxxxxx) said: >>> >>> This sounds like a tacit admission that the default install for >>> servers is bloody stupid (== same as desktop), unless the admin >>> REMOVES packages we helpfully installed on the server system. >> >> PackageKit has only ever been included in destkop package groups. >> While these groups are enabled by default, they are with the caveat of: >> >> "The default installation of Fedora includes a set of software >> applicable for general internet usage." > > I've just been and checked on our servers, which were installed with minimal > packages and never used for desktop activities and found two of them with > PackageKit installed. > > Looking at the dependencies there is nothing on those machines which > currently requires PackageKit so it could be cleanly removed, but something > has pulled this in as a dependency in the past. > > Both of these machines have been through sequential upgrades from around > FC3. > > Changing the behaviour of PackageKit would certainly affect me and I've > never explicity installed it. > > >> (This was all easily verifyable, if you'd prefer to look, instead >> of rant.) > > That may be true in the current repositories, but it would appear not to > have always been true. > > Simon. Hi all, Sorry for interjecting into the discussion, but I think getting fixated on vnc, one persons upgrade path, or what constitutes a server is seriously missing the point. Unix is inherently a multiuser operating system, and allowing one user to change the environment without priviledge is plain dumb. It isn't a distinction between server and desktop, because its quite feasable for a desktop to have multiple users (consider a family PC environment, or an office hot desking system), nor is it an issue of console versus remote login. There should not be a default situation where one users actions can either break the environment (yes updates and installs can break/change things) or introduce security concerns. If a system has one primary user, then there is an argument that the system should be able to grant that particular user more priviledge easily (but granting it should initially still need postive action from root). Some people have drawn comparisons with other console privs that exist (shutdown etc), but most of those are justified by pragmatism (the fact that a console user can use the power button) rather than policy. - Martyn -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
