June 2017 - openSUSE Features - openSUSE Mailing Lists

[New: openFATE 314778] Use polkit for YaST privilege management
by fate_noreply＠suse.de 14 Sep '18

14 Sep '18

Feature added by: Dainius Masiliunas (GreatEmerald) Feature #314778, revision 1 Title: Use polkit for YaST privilege management openSUSE Distribution: Unconfirmed Priority Requester: Desirable Requested by: Dainius Masiliunas (greatemerald) Partner organization: openSUSE.org Description: At the moment of writing, YaST relies on having root privileges through a graphical sudo in order to view and carry out most tasks. However, there is no reason why simply displaying those tasks should be restricted like that. YaST should always be started with user privileges, and only ask for additional privileges when they are truly needed - when the selected tasks should be carried out. This can be achieved by using polkit. It also brings a lot of other benefits. Use Case: Users who do not have access to the root password currently also do not have access to a lot of functionality that does not actually require the password, such as searching for package information. Users that do administrative tasks are also subjecting the system to possible security risks by running YaST with full root privileges. Using polkit would increase security and prevent potential user mistakes. Business case (Partner benefit): openSUSE.org: Using polkit, the graphical interface of YaST would always be run as a normal user. That means that code that should not have elevated privileges - like GUI - would not run with them. More could be done without needing to enter the root password - package information query, printer setup, device information overview, reviewing network configuration options etc. In a restrictive environment, the system administrator could set certain tasks to be available for use by regular users, or to allow certain tasks to be run by certain users only. The authentication screen would provide more information about what tasks are about to be carried out for increased security. For instance, if a custom YaST module requests permission to modify the partition table, while it claims to only set up the date and time, it would be clear to the user that the module is either fraudulent or is malfunctioning. In order to not have to authenticate after every single change a module wishes to do, a global queue for the changes could be created (like what is shown by the /etc/sysconfig editor once its changes are to be applied). Once the global "apply" button is pressed, the user would be informed of what actions will be carried out and what privileges will be given to carry them out. Then, once the user confirms that by supplying a password, all the changes are applied. -- openSUSE Feature: https://features.opensuse.org/314778

1 8

[New: openFATE 319626] Check password strength for encrypted LVM
by fate_noreply＠suse.de 21 Aug '18

21 Aug '18

Feature added by: Arnold Mesper (amesper) Feature #319626, revision 1 Title: Check password strength for encrypted LVM openSUSE Distribution: Unconfirmed Priority Requester: Important Requested by: Arnold Mesper (amesper) Partner organization: openSUSE.org Description: A simple password check is done only when selecting encrypted LVM in the main installation screen. No check is done, when creating encrypted LVM via expert partitioner. The same check as performed for user passwords (using cracklib) should be available for encrypted LVMs too - both in the main installation screen as well as in the expert partitioner. The user must be able to accept using a weak password, thus the password strength check must only issue a warning (and not mandate a minimum password length like now in the main installation screen). This is necessary in order to allow testing an installation without having to remember a complex password. Business case (Partner benefit): openSUSE.org: Especially novice users must be warned if password is weak for LVM, as with weak passwords, full disk encryption is useless. -- openSUSE Feature: https://features.opensuse.org/319626

1 1

[New: openFATE 314606] Improved Btrfs subvolume management in YaST Partitioner
by fate_noreply＠suse.de 21 Aug '18

21 Aug '18

Feature added by: Dainius Masiliunas (GreatEmerald) Feature #314606, revision 1 Title: Improved Btrfs subvolume management in YaST Partitioner openSUSE Distribution: Unconfirmed Priority Requester: Desirable Requested by: Dainius Masiliunas (greatemerald) Partner organization: openSUSE.org Description: The current implementation of Btrfs subvolume management is a bit too simplistic. It allows adding and removing subvolumes, but that is all. Expanding this to view subvolumes as actual subvolumes would be beneficial. Perhaps something akin to LVM configuration, as Btrfs subvolumes can handle much of what LVM does. At the same time, this could allow easier interfacing with Snapper. Use Case: When using Btrfs as the main file system, it is useful to have a single Btrfs partition for both / and /home, as it allows for more efficient disk space use. When reinstalling and upgrading, it is now a problem, as there is no way to remove certain subvolumes and leave others, and keeping /home between installations is often useful. Another case is when a multi-device Btrfs volume is desirable. The YaST partitioner only allows creating "regular" Btrfs partitions right now. A feature like that would also be useful for tighter Snapper integration. It would be a convenient place to set which volumes should be monitored by it, and which are not. In addition, it would help resolve a few bugs, such as the failure to automatically create subvolumes for excluding directories from Snapper monitoring when choosing to format the Btrfs partition. -- openSUSE Feature: https://features.opensuse.org/314606

1 9

[New: openFATE 314529] Add XFCE and LXDE live cds in software.opensuse.org
by fate_noreply＠suse.de 19 Jul '18

19 Jul '18

Feature added by: Narayansamy S (vazhavandan) Feature #314529, revision 1 Title: Add XFCE and LXDE live cds in software.opensuse.org openSUSE Distribution: Unconfirmed Priority Requester: Important Requested by: Narayansamy S (vazhavandan) Partner organization: openSUSE.org Description: There is urgent need to Add XFCE and LXDE live cds in software.opensuse.org page as many Linux users are moving away from traditional DEs(KDE,GNOME) after some rather controversial changes from KDE3.X==>DE4.X and GNOME2.x==>GNOME3.X Many users moving to LXDE and XFCE can try out th DE environments using the live cds provided in the software download page Business case (Partner benefit): openSUSE.org: To test hardware issues Smaller download compared to DVD Many users are preferring LXDE and XFCE over GNOME and KDE One can keep using live cds in case of system crashes DVD download doesn't support live boots -- openSUSE Feature: https://features.opensuse.org/314529

1 4

[New: openFATE 318341] Include "fixparts" on the live rescue CD
by fate_noreply＠suse.de 19 Jul '18

19 Jul '18

Feature added by: Neil Rickert (nrickert) Feature #318341, revision 1 Title: Include "fixparts" on the live rescue CD openSUSE Distribution: Unconfirmed Priority Requester: Important Requested by: Neil Rickert (nrickert) Partner organization: openSUSE.org Description: The "fixparts" utililty (package "gptfdisk-fixparts") is useful for repairing corrupted partition tables, such as occur when a user tries to convert a disk from GPT partitioning to legacy MBR partitioning. It would be useful to include that on live media -- at least the live rescue -- so that we can point people to a way to fix their install problems. -- openSUSE Feature: https://features.opensuse.org/318341

1 1

[New: openFATE 314607] formatting
by fate_noreply＠suse.de 18 Jul '18

18 Jul '18

Feature added by: Francesco Noacco (FireLink) Feature #314607, revision 1 Title: formatting openSUSE Distribution: Unconfirmed Priority Requester: Mandatory Requested by: Francesco Noacco (firelink) Partner organization: openSUSE.org Description: Can format and save data in the partitions stored in any fs and not just fat32 (after installation). Use Case: I solved it with "disk manager" Debian testing (3.0.2 by Red Hat, 2009) In the formatting parameters allows disk usage by users other than root. And to think that I had just complained because the utility from a new disc without mbr creates one that is not compatible with other distributions (gparted from an alert message). Business case (Partner benefit): openSUSE.org: Operations should be for everyone. -- openSUSE Feature: https://features.opensuse.org/314607

1 1

[New: openFATE 315592] retire /etc/ssl/certs as r/w for admins
by fate_noreply＠suse.de 11 Jul '18

11 Jul '18

Feature added by: Ludwig Nussel (lnussel) Feature #315592, revision 1 Title: retire /etc/ssl/certs as r/w for admins Requested by: Ludwig Nussel (lnussel) Partner organization: openSUSE.org Description: Since the introduction of update-ca-certificates in openSUSE 11.2 /etc/ssl/certs has been an automatically managed location for SSL certificates. Adminstrators are no longer meant to put their own files there but instead have update-ca-certificates install symlinks to the actual files there. Having scripts regularly mess with /etc is ugly. Therefore placing individual symlinks in /etc/ssl/certs needs to be retired. /etc/ssl/certs should point to a location in /var instead. This could either be done with a symlink or with a bind mount. -- openSUSE Feature: https://features.opensuse.org/315592

1 9

[New: openFATE 322297] Yast2 working in wayland
by fate_noreply＠suse.de 06 Jul '18

06 Jul '18

Feature added by: Andreas Winter (netzheimer) Feature #322297, revision 1 Title: Yast2 working in wayland openSUSE Distribution: Unconfirmed Priority Requester: Important Requested by: Andreas Winter (netzheimer) Partner organization: openSUSE.org Description: Wayland is coming with big steps. First distributions (eg fedora) already use it as default. Gnome should be already stable with it, Plasmas support is getting better and better. Some other DE already support it out of the box. Wayland is a lot more secure than Xserver and it is the future. I think it is time to bring Yast2's support for this. At the moment a user who wants to run wayland has just 2 solutions: - Running yast in textmode (which is not a solution for non-geek users) - Switch to another distribution, which offers better support -- openSUSE Feature: https://features.opensuse.org/322297

1 17

[New: openFATE 314706] New default theme
by fate_noreply＠suse.de 05 Jul '18

05 Jul '18

Feature added by: Sharque uddin Ahmed Farooqui (safknw) Feature #314706, revision 1 Title: New default theme openSUSE Distribution: Unconfirmed Priority Requester: Important Requested by: Sharque uddin Ahmed Farooqui (safknw) Partner organization: openSUSE.org Description: Currently OpenSuse comes this slightly modified default theme from DE. For example KDE default theme is not very different from vanilla KDE default theme. So does not distinctive feeling. I believe having a separate for DE will be it much better feeling to end user also it provide unique look and feel to user. We can have a look at ROSA as case. -- openSUSE Feature: https://features.opensuse.org/314706

1 2

[New: openFATE 312838] Hook up fwzs to NetworkManager
by fate_noreply＠suse.de 19 Jun '18

19 Jun '18

Feature added by: Ludwig Nussel (lnussel) Feature #312838, revision 1 Title: Hook up fwzs to NetworkManager Hackweek VII: Unconfirmed Priority Requester: Important Requested by: Ludwig Nussel (lnussel) Partner organization: openSUSE.org Description: Switching zones in the firewall zone switcher is currently a manual task. NM needs to provide hooks to make fwzs adjust the firewall automatically. http://lizards.opensuse.org/2009/08/28/firewall-zone-switcher-updated/ http://lizards.opensuse.org/2009/07/10/1453/ -- openSUSE Feature: https://features.opensuse.org/312838

1 2