[packagekit] PackageKit PolicyKit actions
david at fubar.dk
Wed Jul 16 11:22:30 PDT 2008
I just looked at the PackageKit actions from the 20080618 snapshot
(which is in Rawhide) and here are some comments. Keep in mind that
these actions are what system administrators see so
a) it needs to be very self-evident what the action means
b) really need to keep the number of actions down
c) two actions should never overlap
d) it helps overview if prefixing common actions with the same
prefix; for example
package-*: for actions that deals with packages
system-*: for actions that deals with the entire system
e) use <noun>-<verb> rather than <verb>-<noun> to in naming, e.g.
is a lot easier to mentally deal with than
and they'll also show up close to each other due to sorting.
FWIW, my plan is (at some points) to include these few guidelines in the
polkit documentation on how to choose/name polkit actions. Comments
welcome on the general guidelines.
On to the specifics:
$ for i in $(polkit-action |grep packagekit) ; do polkit-action --action $i ; done
description: Install package
message: Authentication is required to install a package
description: Install untrusted local file
message: Further authentication is required to install an untrusted local file
description: Install local file
message: Authentication is required to install a local file
Why the distinction between localinstall and install? That doesn't make
sense if the distinction you make is whether the package comes from a
repository or a local file on the system. What really matters is only
whether the package is signed by a trusted entity or not.
So I think it should just be
.package-install (w/ auth_admin_keep_always)
.package-install-untrusted (w/ auth_admin)
description: Install security signature
message: Authentication is required to install a security signature
My guess is that this has to do with deciding to trust a key that signs
packages. If this is true shouldn't it have a better name to reflect
Suggestion to use
description: Trust a key used for signing packages
message: Authentication is required to consider a
key used for signing packages as trusted
description: Accept EULA
message: Authentication is required to accept a EULA
Suggest to use package-eula-accept. Also, suggest to default to "yes"; I
can't think of a case where we would want admin authentication by
description: Update package
message: Authentication is required to update packages
description: Update all packages
message: Authentication is required to update all packages
Why is this split into two actions? I think it would be a lot easier on
administrators if this was just a single action, e.g. system-update.
I know there's the hypothetical use case where an admin only wants the
user to update the entire system at once and not piecemeal; presumably
to avoid the user from botching the system. But that really sounds like
you're trying to protect someone from a badly packaged OS; e.g. I don't
think the added confusion of having two separate PolicyKit actions
really outweighs the gain.
(Btw, what happens if one of the packages in the update set isn't
description: Remove package
message: Authentication is required to remove packages
description: Rollback to a previous transaction
message: Authentication is required to rollback a transaction
Who else than Foresight does this now or will in the future? Does it
really warrant a separate action or could you use an existing one
instead? In a very real sense this is similar to updating so maybe just
use 'system-update'? Or if you decide to keep it, perhaps use
description: Change software source parameters
message: Authentication is required to change software source parameters
Maybe it would be useful to rename this to "systems-sources-configure".
description: Refresh package lists
message: Authentication is required to refresh the package lists
Maybe rename to "system-sources-refresh" and also use term software
sources in the description + messages.
(right now you're using "repo", "software source" and "package list" to
refer to pretty much the same thing.)
description: Set network proxy
message: Authentication is required to set the network proxy used for downloading packages
Suggest system-network-proxy-configure and s/set/configure/.
Here's the suggested list
Which I think is a lot easier on the eyes. Your thoughts on this?
More information about the PackageKit