On Sunday 05 November 2006 22:55, Christian Boltz wrote:
Hello,
Am Sonntag, 5. November 2006 19:21 schrieb Klaus Kaempf: [...]
Wouldn't it be nice to have a single, secure, system-wide mechanism to provide access control ? Future versions of the package & patch management hopefully can make use of such a system.
Sounds much better ;-) (I also like Marcus' idea about using sudo and/or kdesu.)
Much better than what? I thought your main objection was the granularity of the security, not how it was implemented sudo is basically a hack, it's better to have a real solution for the system, a real role based administration system. Preferably something where you can define new roles with new authorities for new features, without having to recompile everything
For the records: I'd like to have the following permission levels in the package management: a) check for updates ("suse-watcher" style)
view
b) install updates (including uninstalling obsolete and installing new requirements from existing installation sources)
install (except for the removal bit)
c) install / remove any package from existing installation sources
install, remove
The problem with zen-updater is that it currently needs b) and c), therefore people can easily add and remove other packages with zen-installer/-remover even if the admin isn't aware of this.
In other words, you'd be happy if zen added the security level "update", which only allows for updates of already installed packages, and allows for removals if they were forced through dependency checks, is that right? --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org