Mailinglist Archive: opensuse-factory (387 mails)

< Previous Next >
Re: [opensuse-factory] Re: Re: Running YaST-Control-Center without root


On 26/04/2019 10:35, Maurizio Galli (MauG) wrote:
On 4/26/19 8:52 AM, badshah400@xxxxxxxxx wrote:
On Thu, 2019-04-25 at 21:22 +0200, Carlos E. R. wrote:
On 25/04/2019 10.19, Ancor Gonzalez Sosa wrote:
Just a note here. In some cases, asking the password only at the
end
(when writing configuration) would make sense. But in general is
not
that simple. YaST is an interactive tool and, as such, it performs
several tasks that would need root permission in several points of
the
user interaction. E.g. installing some package that is required to
continue, reading some protected configuration, adjusting the
firewall
to be able to explore the network, starting or stopping a service,
refreshing the list of repos...

Being able to fire up YaST and do some configuration work, then at
the
end see it asking for the root password could be nasty surprise if
the
user doesn't have it. After all the work, not being able to
continue...
At least he should get told at the start that to save changes he
needs
the root password.

This can possibly be done by an info box when a particular module
starts up, I guess, though I can't imagine how any user would simply
assume that they would be able to apply changes to root
configuration/filesystem without requiring some kind of privilege
escalation.

Actually, I wouldn't even mind requiring root privileges for some YaST
modules from the moment they are launched (like firewall, as Ancor has
pointed out). This would be nonetheless many times better than having
to key in root password for simply looking at installed/available
packages, configured repositories, network proxy settings, and/or
network IP address (when using wicked), all of which can be done
without root access from the terminal anyway (e.g. using `zypper` and
`ip` as non-root user). In openSUSE, the answer to a user's question
about looking up installed packages via a GUI interface is "not unless
you are root". It shouldn't have to be.

Cheers.


I think it depends on how often Yast and the modules are being used. Personally I prefer it the way it is now and have to enter the root password only once when Yast is launched and be done. I really do not wish  being prompted a password dialog every time and for each module.


Even keeping this idea it would be much better if the UI ran as the user and asked for the password at the start (if thats what people preferred, you could maybe just add a prompt for password at launch setting). I'm also all for using polkit more and this is probably a good starting place for that.

--

Simon Lees (Simotek) http://simotek.net

Emergency Update Team keybase.io/simotek
SUSE Linux Adelaide Australia, UTC+10:30
GPG Fingerprint: 5B87 DB9D 88DC F606 E489 CEC5 0922 C246 02F0 014B
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages