Re: libgnomesu [was Re: Proposed modules: my consensus so far]

From: Mark McLoughlin <markmc redhat com>
To: Hongli Lai <h lai chello nl>
Cc: Desktop Devel <desktop-devel-list gnome org>
Subject: Re: libgnomesu [was Re: Proposed modules: my consensus so far]
Date: Thu, 25 Nov 2004 20:35:53 +0000

On Thu, 2004-11-25 at 20:20 +0100, Hongli Lai wrote:
> Mark McLoughlin wrote:
> > 	(1) worries me because it leaks some admin-tool functionality into a
> > user tool which I think is likely to be frustrating and confusing for
> > users who *don't* have root. It also isn't optimal for users who *do*
> > have root - having to type the root password for every process you want
> > to kill isn't fun.
> 
> I don't think there is any better way.

	You could have separate admin tool and user tool rather than trying to
make a hybrid work.

> And you don't have to enter the root password every time, if you're on 
> RedHat. libgnomesu uses the pam_timestamp extension when available.

	That would be true if renice used consolehelper. It doesn't, but it
could. Or procman could come with a helper that used consolehelper. But
I think a separate admin tool makes more sense.

> > 	There's nothing (apart from the lack of shadow password support)
> > distribution specific about usermode/consolehelper really.
> 
> Except that it's only included in some distributions?

	There are some very simple and surmountable reasons why usermode isn't
shipped widely yet, IMHO. We don't know yet how libgnomesu will fare
with distributors either, do we?

> >>>  - No startup-notification integration
> >>
> >>Last time I checked, libstartupnotify is *still* marked as "unstable API 
> >>which can change any time".
> > 
> > 
> > 	Yes, but if libgnomesu was part of the Desktop Release, it would be
> > perfectly valid for it to use the API.
> 
> A bit offtopic: but is the latest libstartupnotification binary 
> compatible with 0.4? I'm on FC1 and I'm stuck with GNOME 2.4. Garnome 
> GNOME just breaks too many things (menus show up duplicate items, etc.).

	It should be, I think - there have been API additions but no
incompatible ABI changes.

> > 	But, yeah, you do need multiple backends - you need to support shadow
> > passwords. Could do that in the same backend binary, though, right?
> 
> No. The PAM backend is linked to libpam.so, which isn't available on 
> systems without PAM.

	That's something you can check at buildtime and use #ifdefs for. The
binary doesn't have to detect at runtime whether libpam is installed.

> >>>  - The thought of a Nautilus "Open as Superuser" component gives me
> >>>    the heebie-jeebies. I'm not sure exactly why. Its irrelevant now
> >>>    with Alex's recent changes to Nautilus, anyway :-)
> >>
> >>Did I miss anything? What changes?
> > 
> > 	No bonobo components for Nautilus anymore.
> 
> How's that related to privilege raising?

	Its related to the fact your "Open as superuser" component doesn't work
anymore.

Cheers,
Mark.

References:
- Proposed modules: my consensus so far
  - From: Murray Cumming
- libgnomesu [was Re: Proposed modules: my consensus so far]
  - From: Mark McLoughlin
- Re: libgnomesu [was Re: Proposed modules: my consensus so far]
  - From: Hongli Lai
- Re: libgnomesu [was Re: Proposed modules: my consensus so far]
  - From: Mark McLoughlin
- Re: libgnomesu [was Re: Proposed modules: my consensus so far]
  - From: Hongli Lai

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]