Dne 25. 11. 19 v 20:28 David Díaz napsal(a):
* Can we manage  and  in a
"centralized" way? I mean, do we have a way to
know in advance when the execution of a certain module will require root
permissions? If the answer is NO,
It's complicated by the fact that some modules might call another modules,
so it depends on the functionality which you will really use. You cannot tell that
for sure in advance.
* Can we open a discussion/research/whatever to do
something to this regard? Do
you think it worth it? Or do you already had such discussions in the past? If so,
what was the conclusion?
I'm not sure whether we had a discussion about it in
the past but there are couple of
expectations which YaST has.
Running as root, or more specifically being able to read/write the configs, is one of
In theory the admin could make the needed config files writable for a non-root user
and then YaST should work fine as that user. For example I can do this (as root):
setfacl -m u:lslezak:rw /etc/sysconfig/yast2
then I can run
and change the options in that (!!) file as non-root. But I do not consider that as a
practically usable solution as you usually do not know which files are actually used
by which YaST module.
And in that case adding the hard UID == 0 check would block this scenario.
Additionally even running as root does not guarantee you can read/write all files.
There might be system limitations (the root partition mounted in the RO mode, the
processes running in a docker container run as root but you still cannot do
everything there, etc...) or there can be even hardware restrictions (SCSI hard
drives have RO pins and you can jumper them to the RO mode, SD cards have that RO
slider, etc...). So in the end testing UID == 0 is not the perfect solution, maybe
tests like File.readable?/File.writable? might be even better...
We can only make it less possible to run the YaST modules as a non-root. The YaST
control center already displays the YaST modules which you can run, so that's OK.
of course, that does not prevent you from running "/usr/sbin/yast2 needs_root"
We can compare the behavior with running e.g. "vim /etc/fstab" as a non-root. In
case it displays "[readonly]" flag in the status bar, if you try to edit the
displays "Warning: Changing a readonly file" there. But you can still continue
editing. If you insist on writing the file you'll get the "Can't open file
writing" error in the end.
Then it's up to the user what to do. Either abort so all changes are lost or write
a different file and later move it as root to the original location. Obviously we do
not allow to do the second option in YaST so the user could only abort anyway.
So from that perspective displaying a warning at beginning that something might fail
is OK, also displaying an error when saving is OK. Crashing at some point is bad. On
the other hand if it crashed it means nothing has been changed so it should be quite
safe for the user. ;-)
So in the end I think we should improve the error handling in general (to not crash)
but I think we should not explicitly block non-root users just because we think it
won't work. That might hurt in the opposite way in some cases.
SUSE LINUX, s.r.o.
18600 Praha 8
To unsubscribe, e-mail: yast-devel+unsubscribe(a)opensuse.org
To contact the owner, e-mail: yast-devel+owner(a)opensuse.org