[packagekit] update-package vs. update-system (Was Re: Signed packages again again)
David Zeuthen
david at fubar.dk
Thu Nov 15 14:50:33 PST 2007
On Thu, 2007-11-15 at 22:42 +0000, Richard Hughes wrote:
> On Thu, 2007-11-15 at 17:28 -0500, David Zeuthen wrote:
> > On Thu, 2007-11-15 at 22:19 +0000, Richard Hughes wrote:
> > > It looks like you are not using git from the developer repo. update is
> > > now update-package and update-system.
> >
> > Btw, what's the rationale for this distinction? I mean, if I have
> > update-package but not update-system what prevents me from updating the
> > system piece by piece?
>
> That the admin might want to decide the system has to be in a coherent
> state, i.e. not half-updated. It's basically just making it ultimately
> fine grained, and gives us nice descriptions in the PolKit prompts.
Makes sense I guess. Nice feature to ensure that no piece-wise updates
can be done! Didn't think of that!
Reminds me it might me useful to have one PolKit auth imply another.
FWIW, I've run into this a few other times [1] but doing it in PolKit
proper is a bitch since it would make it even more complex that it is
today. The recommended solution (that I need to write down somewhere) is
that you check for more than one authorization at certain places. Since
- 'update' implies 'update-system'
(because you can update piece by piece)
you should check for both 'update' and 'update-system' when updating the
whole system. Makes sense?
David
[1] : in the gnome-system-monitor PolKit patch there's "Boost priority
of your own processes" and the "Change priority of any process" actions.
Clearly the latter (harder to get; admin auth) implies the former
(requires auth by self) but not the other way around.
More information about the PackageKit
mailing list