-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 09/11/2013 03:10 AM, Dhiru Kholia wrote:
Hi,
In FESCo ticket #1115, it was decided to modify the privilege escalation
policy in order to allow local, active, admin user to update/remove/etc
signed software without requiring a password.
At this point, such an user can do "pkcon install <package>" to install
packages without being prompted for the password.
In FESCo ticket #1117, it was decided to extend this policy to potentially
cover other privileged operations. At this point, "we" are looking for more
use cases. Lot of such use cases are already listed on the following page,
https://fedoraproject.org/wiki/Privilege_escalation_policy
Here is a sample use case; ability to launch my own VMs using virt-manager
without authenticating every time.
Do *you* have a use case of your own? Here is your chance to get rid of
those password prompts for your own use case!
Please *note* that these policies can be modified locally (or disabled
altogether) to fit different situations. An option to *specifically* enable
or disable such privilege escalation policy can be given at the install
time or / and run-time. Thoughts?
Also *note* that the goal of this email (and the ticket in general) is to
promote brainstorming at this point. I'm not saying or promising that "we"
are going to do everything you guys demand.
Some of you may find
http://tinyurl.com/linus-printer to be relevant here.
FESCo Tickets ==============
https://fedorahosted.org/fesco/ticket/1115
https://fedorahosted.org/fesco/ticket/1117
Bugzilla Links ==============
https://bugzilla.redhat.com/show_bug.cgi?id=975214
Is the policy as far as installing packages on getting them from a signed repo
or does it allow me to install a random package I download from the internet.
Signed Repo not a bad idea. Random crap from the internet not a good idea.
Since firefox can out and crab stuff to install, and I would never no.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird -
http://www.enigmail.net/
iEYEARECAAYFAlIwZ8QACgkQrlYvE4MpobM2NgCgw82uvwwcy7MpVJpJ7wfTKRSA
sMkAoMnj54B14HcCnJXwrpjhAPp44CYq
=ohvd
-----END PGP SIGNATURE-----