Mailinglist Archive: yast-devel (246 mails)

< Previous Next >
Re: [yast-devel] WebYaST: Vendor customization
  • From: Klaus Kaempf <kkaempf@xxxxxxx>
  • Date: Thu, 13 Aug 2009 21:51:35 +0200
  • Message-id: <20090813195135.GB32134@xxxxxxxxxxxxx>
* Jiří Suchomel <jsuchome@xxxxxxx> [Aug 13. 2009 18:37]:

The scripts (either vendor specific ones or init scripts) should be called by
YaPI because of SCR running with root privilliegies. Or maybe there is some
other way, but I don't know about it.

Well, one just need a service running as root behind D-Bus. It doesn't
have to be SCR.


So you mean that parsing the config file could be done on ruby level? That is
possible, but how should the results (the example of result is path to
executable script) be passed to YaPI layer? As a parameter?

Sure. Just as SCR::Execute(.bash) gets the command as parameter.

This is a security risk, as the one who has the right to operate
services gets the right to execute custom script....

Sure, executing the script is the main purpose of (gettings rights to)
'services'


Klaus
---
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nürnberg)

--
To unsubscribe, e-mail: yast-devel+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: yast-devel+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups