On Tue, 2012-10-09 at 20:34 +0200, Lennart Poettering wrote:
> On Tue, 09.10.12 14:26, Simo Sorce (simo@xxxxxxxxxx) wrote:
>
> > On Tue, 2012-10-09 at 20:17 +0200, Lennart Poettering wrote:
> > > > Could we make that a default on Fedora in addition to adm? (I assume
> > > > this is polkit but can't see it offhand -- hmmm... looks to be
> > > > hard-coded in the source?) I don't really have a strong opinion about
> > > > whether adm should work or not, but wheel should.
> > >
> > > Well, we could of course add this as ACL, but I wonder if it wouldn't
> > > be nicer to declare that "adm" is for seeing, and "wheel" for doing as
> > > I suggested above.
> >
> > What's the point of 2 different groups ?
> >
> > We have filesystem permissions to determine what a user/group can do,
> > plus we have selinux on top to enforce in a different way some of these
> > policies.
> >
> > What does 2 different groups give you besides confusion ?
>
> Safety? Robustness?
>
> For example, by adding people to "adm" you can allow them to monitor
> machines, but when something happens and they want to do things they'd
> have to go through "sudo" or "su", thus adding a psychological barrier
> so that they don't break things... That means they can watch the machine
> just fine, but "rm -rf /" when doing that will have no effect. But they
> still can do privileged things if they feel the need to, after auth.

You can do the same by allowing sudo cat /var/log/message without
password and requiring the password for anything else.

Simo.

--
Simo Sorce * Red Hat, Inc * New York