On Mon, 2010-03-29 at 20:59 +0200, Jan Klepek wrote: > Hi, > > I'm looking for a way how to correctly have beep program[1] with setuid > binary (I mean, what is correct process for this from maintainer point > of view? Or what should be done except change in spec file). I saw > http://fedoraproject.org/wiki/Privilege_escalation_policy > however, I have no idea what should I do that beep package will > implement it correctly. That policy is mostly a 'don't do privilege escalation for these things' list. Since beep (afaik) doesn't do any of the things on that page, then having beep be a setuid binary would not violate the policy. There isn't really much procedure to follow here. You just have to convince whoever owns the beep package that the binary should be setuid. Then s/he would just make it so in the spec. However... > Currently there is bug[2] which limits correct functionality of perl > module[3] only to root user. > > [1] https://admin.fedoraproject.org/pkgdb/acls/name/beep > [2] https://bugzilla.redhat.com/show_bug.cgi?id=573801 > [3] https://admin.fedoraproject.org/pkgdb/acls/name/perl-Audio-Beep It doesn't look from all that as if setting beep as setuid is necessarily the best resolution. There must be a better way! Although ultimately, whichever way you implement it, it comes down to whether we want everyone to be able to play a beep on a system whenever they feel like it. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org http://www.happyassassin.net -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel