Re: disabling polkit?

From: Steve <steve gnomeslackbuild org>
To: Tambet Ingo <tambet gmail com>
Cc: networkmanager-list gnome org
Subject: Re: disabling polkit?
Date: Thu, 17 Jul 2008 14:02:01 +0100

On Thu, 2008-07-17 at 12:44 +0300, Tambet Ingo wrote: 
> On Thu, Jul 17, 2008 at 11:58 AM, Steve <steve gnomeslackbuild org> wrote:
> > Hello!  How integrated is polkit in NetworkManager?  I would like to
> > build NM for Slackware, which doesn't come with polkit, and I would like
> > to try avoid installing it if I could.  I'm just if it would be possible
> > (without major changes to code) to build nm without it? At the moment
> > I'm using an older version of NM from svn that doesn't require polkit.
> 
> There's one place in NetworkManager
> (system-settings/src/nm-polkit-helpers.c) and one place in
> NetworkManager-gnome (src/connection-editor/nm-connection-list.c)
> where you can patch it out. But that would mean any user would be able
> to change system network configuration and it's probably not a good
> idea.
> 

I must admit I'm not too familiar with the pam/policy kit stuff.  At the
moment, I use nm svn r3645, which builds with only a bit of trouble, but
successfully on Slackware 12.1.  I modify the the nm dbus conf to use
the group netdev for the policy group, and then any user who wants to be
able to use nm/nm-applet must be in that group to change any network
settings.  Seems to work, and I think secure enough to keep meddling
users from disabling network devices.  :)

I've poked about in the code some but I'm hardly familiar with it.  How
difficult would you guess it be to modify 

system-settings/src/dbus-settings.c
system-settings/src/nm-sysconfig-connection.c
etc.

to avoid using policy kit and instead resort to dbus policy group
behaviour listed above?  I'm not a savvy coder.

> It would probably be a better bet to convince slackware to include
> policy kit as more and more programs are starting to use it.
> 

You're not the first to suggest this; but, for good or evil, Slackware
will not be moving (at least upstream) to pam/policy kit any time soon.
Some people do offer a pam/policykit solution for Slackware by replacing
some standard system packages, however a lot of users of Slackware, at
least in my experience, would like to avoid that if they could.  I admit
that most major linux distros are including/implementing pam, but not
all (notably slackware, and distros based off it like vector and slax).
Nonetheless, NM is shaping up to be a great piece of standard software
and it would be great to support non-policykit systems upstream.  :)

Cheers,

-= Steve =-

Follow-Ups:
- Re: disabling polkit?
  - From: David Zeuthen

References:
- disabling polkit?
  - From: Steve
- Re: disabling polkit?
  - From: Tambet Ingo

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]