1 |
Le 19/03/2009 19:12, Doug Goldstein a écrit : |
2 |
> The problem would be a simple fix if PolicyKit supported groups and we |
3 |
> could just say "give all access to those in the wheel" group as a |
4 |
> reasonable default. But alas, it does not. Arguably we can probably |
5 |
> patch that in and just be done with it. |
6 |
|
7 |
Actually, for a while, I had a policy file that returned "allow" to all |
8 |
auth requests. That was obviously not "secure" at all... |
9 |
|
10 |
For some reason, even _that_ didn't allow all apps to work properly, as |
11 |
they expect their own policy file and not just a default setting. |
12 |
|
13 |
It's as if GConf required schemas to be installed for apps to work. |
14 |
|
15 |
> Unless someone has some better ideas for a reasonable default. |
16 |
|
17 |
The only way ATM is to go through the policy file for each applications, |
18 |
read it, make sense of it and adapt it to Gentoo... Again, the Gnome |
19 |
herd is quite short on manpower these days, even with the precious help |
20 |
of our latest recruits (Arun and Nirbheek). |
21 |
|
22 |
> (IMHO, |
23 |
> removing all of PolicyKit is a reasonable default but it looks like |
24 |
> going forward GNOME is just using it without really any documentation |
25 |
> or any forethought into the real world implications of PolicyKit and |
26 |
> the inherent support/issues with ConsoleKit) |
27 |
|
28 |
I think we all agree here, Gilles, Mart and others have dutifully |
29 |
patched most (all?) core gnome components to at least build without PK, |
30 |
even if that means loosing some features. Thankfully, most of those |
31 |
patches have been accepted upstream. |
32 |
|
33 |
As for Gnome blindly using PK... again, we're all on the same page :) |
34 |
|
35 |
If anyone _really_ wants PK, please get in touch with us so we can try |
36 |
to support it in Portage. |
37 |
|
38 |
Thanks |