On Sat, Jul 22, 2017 at 3:26 PM, Neal Gompa <ngompa13@xxxxxxxxx> wrote: > On Sat, Jul 22, 2017 at 5:11 PM, Zbigniew Jędrzejewski-Szmek > <zbyszek@xxxxxxxxx> wrote: >> On Sat, Jul 22, 2017 at 02:06:42PM -0600, Chris Murphy wrote: >>> On Sat, Jul 22, 2017 at 1:57 PM, Matthew Miller >>> <mattdm@xxxxxxxxxxxxxxxxx> wrote: >>> > On Sat, Jul 22, 2017 at 01:42:11PM -0600, Chris Murphy wrote: >>> >> I don't know what things the unprivileged user can do other than >>> >> search and info. But off hand I'd say an unprivileged user should not >>> >> be able to download metadata. Use one /var/cache/dnf always. And if >>> >> it's stale, just inform the user. Only update the cache if the command >>> >> is issued by root. >>> > >>> > I dunno; what harm is there in giving the ability to use a separate >>> > user cache for queries? This allows you to do things like repoquery as >>> > an unprivileged user for repos that aren't enabled by default. >>> >>> I'm fine with a layered approach, *if* a repo db does not exist for >>> root, then it's OK for a user copy to be downloaded, but how about one >>> for all users to share rather than each user getting a downloaded copy >>> of the same thing? >> >> It'd probably require rearchitecturing the way that caching works. >> Current implementation does the best (maybe ignoring some minor bugs) >> of what is possible in a secure way with unprivileged users in current >> design, but we should be able to do better. Namely, create a polkit-aware >> daemon which will download metadata on demand, and then make root and >> the users forward all metadata download requests to this daemon. >> This would avoid any duplicate downloads, without the need to run >> dnf searches as root. >> >> (Ideally, dnf would also have strong tmpfiles.d policy to clean up all >> caches after ~1 month of unuse, so that if a user requests some repo, >> the disk space is not permanently wasted.) >> > > So... like dnfdaemon, except with less capabilities? Neat. No idea if I'm alone, but I'd like Fedora Server to always have up to date repo databases (both for dnf and packagekit), and for the workstations and VM's sync with that local server. Even when I'm connected to fast internet this would be a better experience. If it were possible to have a subsettable Fedora mirror, it could exist on a continuum from metadata only, to e.g. my workstation only packages, to a full Fedora mirror. -- Chris Murphy _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
