| 1 |
Le 19/03/2009 19:12, Doug Goldstein a écrit : |
| 2 |
> The problem would be a simple fix if PolicyKit supported groups and we |
| 3 |
> could just say "give all access to those in the wheel" group as a |
| 4 |
> reasonable default. But alas, it does not. Arguably we can probably |
| 5 |
> patch that in and just be done with it. |
| 6 |
|
| 7 |
Actually, for a while, I had a policy file that returned "allow" to all |
| 8 |
auth requests. That was obviously not "secure" at all... |
| 9 |
|
| 10 |
For some reason, even _that_ didn't allow all apps to work properly, as |
| 11 |
they expect their own policy file and not just a default setting. |
| 12 |
|
| 13 |
It's as if GConf required schemas to be installed for apps to work. |
| 14 |
|
| 15 |
> Unless someone has some better ideas for a reasonable default. |
| 16 |
|
| 17 |
The only way ATM is to go through the policy file for each applications, |
| 18 |
read it, make sense of it and adapt it to Gentoo... Again, the Gnome |
| 19 |
herd is quite short on manpower these days, even with the precious help |
| 20 |
of our latest recruits (Arun and Nirbheek). |
| 21 |
|
| 22 |
> (IMHO, |
| 23 |
> removing all of PolicyKit is a reasonable default but it looks like |
| 24 |
> going forward GNOME is just using it without really any documentation |
| 25 |
> or any forethought into the real world implications of PolicyKit and |
| 26 |
> the inherent support/issues with ConsoleKit) |
| 27 |
|
| 28 |
I think we all agree here, Gilles, Mart and others have dutifully |
| 29 |
patched most (all?) core gnome components to at least build without PK, |
| 30 |
even if that means loosing some features. Thankfully, most of those |
| 31 |
patches have been accepted upstream. |
| 32 |
|
| 33 |
As for Gnome blindly using PK... again, we're all on the same page :) |
| 34 |
|
| 35 |
If anyone _really_ wants PK, please get in touch with us so we can try |
| 36 |
to support it in Portage. |
| 37 |
|
| 38 |
Thanks |
Archives