On Feb 13, 2008 1:12 PM, Les Mikesell <lesmikesell@xxxxxxxxx> wrote: > I'm not convinced that anyone can deduce the behavior I want from the > packages that are installed. Or even that I'd know for sure myself > ahead of time in all cases but I have a hard time imagining a case where > I'd want access cut off to an existing, running session just because > someone else might want to check their email on a different account and > they do it from a VT instead of Xnest. Is it possible to make the rules > easy to manage locally - and can you have a first-served wins rule? These questions suggest that you aren't familiar with hal policy at all. The only interesting question in this discussion is.. can it be made it easy. I'm sure it can be... we just have to get there. And the first step in getting there is for everyone who really cares about this sort of stuff make a real effort at understanding how to write hal policy..including acl related polcy. Instead of just pissing and moaning about it because they haven't made an effort to understand it. And since I always endeavor to practice what I preach, I've been trying to write acl policy to get a specialized usb device that I own working as the console owner and I'm still not doing it correctly. I have the hal matching rules right, I know my policy is matching the device. What it's not doing is setting up the acls. And I'm having a real hard time troubleshooting what is actually happening. -jef -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
