On Thu, 2007-12-06 at 15:52 -0500, David Zeuthen wrote: > On Thu, 2007-12-06 at 14:59 +0100, Matej Cepl wrote: > > On Tue, 04 Dec 2007 11:38:47 +0100, Patrice Dumas scripst: > > > Unless there is something special for these pieces of code, anybody can > > > submit those packages to fedora through the usual review process. > > > > Not sure, ask davidz, but I am afraid most of them will horribly clash > > with PolicyKit/ConsoleKit. > > Right, it's going to be confusing to developers because they won't know > what to use. So please don't do this. Also note that Ubuntu is switching > away from gksudo to PolicyKit > > https://wiki.ubuntu.com/DesktopTeam/Specs/PolicyKitIntegration Well, right - for their apps like the software updater. But we still need a generic mechanism for asking a "wheel user" for a password in a nice way to run an arbitrary command. Use cases being "rmmod iw3945" as spot mentioned, or developers restarting tomcat on their local machine, editing /etc/yum.repos.d, really the list is endless. I guess though a sane way to start would be to restrict "arbitrary command" to "tty app", without also supporting X apps. > That, we already have consolehelper which does this. I guess you could make a consolehelper app called "runcommand" or something which had UGROUPS=wheel? Hm, I can't get it to work in a quick attempt. > And soon, as I > wrote about in the other mail, we'll have the PolicyKit-powered > consolehelper replacement that will make it very easy to manage > authorizations on a per-app basis. I'm just hoping we can land the bits so that removing the root password from Fedora is as simple and manageable as flipping one switch - and then we can flip that switch by default for the desktop config. And that we have a nice UI for prompting for the user password to run arbitrary commands. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
