[packagekit] PackageKit PolicyKit actions
hughsient at gmail.com
Sat Jul 19 01:00:30 PDT 2008
On Wed, 2008-07-16 at 14:22 -0400, David Zeuthen wrote:
> Why the distinction between localinstall and install?
There's no distinction from an authorisation point of view, it's just
the text in the description is more specific.
> That doesn't make
> sense if the distinction you make is whether the package comes from a
> repository or a local file on the system. What really matters is only
> whether the package is signed by a trusted entity or not.
> Suggest to use package-eula-accept. Also, suggest to default to "yes"; I
> can't think of a case where we would want admin authentication by
> default here?
> I know there's the hypothetical use case where an admin only wants the
> user to update the entire system at once and not piecemeal; presumably
> to avoid the user from botching the system. But that really sounds like
> you're trying to protect someone from a badly packaged OS; e.g. I don't
> think the added confusion of having two separate PolicyKit actions
> really outweighs the gain.
> (Btw, what happens if one of the packages in the update set isn't
Well, it's tricky. At the moment you get a big fat libnotify window
telling you the update isn't trusted. Ideally we would do the same
action as install-untrusted, but then all the users using sources like
rawhide would have to enter the root password each and every time.
> Who else than Foresight does this now or will in the future? Does it
> really warrant a separate action or could you use an existing one
> instead? In a very real sense this is similar to updating so maybe just
> use 'system-update'? Or if you decide to keep it, perhaps use
It's very different from updating the system, so I think this warrants a
different action. Renamed as suggested.
> Maybe it would be useful to rename this to "systems-sources-configure".
> Maybe rename to "system-sources-refresh" and also use term software
> sources in the description + messages.
> (right now you're using "repo", "software source" and "package list" to
> refer to pretty much the same thing.)
Sure, we should be using the "software sources" description throughout.
> Which I think is a lot easier on the eyes. Your thoughts on this?
I've committed this locally, I'll just push to the repo when I get some
good Internet access.
Thanks for the review!
More information about the PackageKit