implementing an OLPC authentication agent
Daniel Drake
dsd at laptop.org
Mon Jul 7 09:02:33 PDT 2008
On Wed, 2008-07-02 at 21:37 -0400, David Zeuthen wrote:
> On Wed, 2008-07-02 at 20:29 -0500, Daniel Drake wrote:
> > Ah, excellent, I wasn't aware about this overrides method.
> > I think the best option is for us to ship the overrides files in a separate
> > package. Do you forsee any problems there?
>
> Yeah, if you ship the files in a package they're owned by that package.
> Which means future overrides of the defaults by the user will
> potentially get overwritten on updates. That's why you want to run it in
> %post on each machine.
>
> Also, the location of these files is an implementation detail. Running
> the command in %post hides this implementation detail from you.
Ah, indeed. The user-overrides isn't really a concern for us, since all
customisations outside of /home are wiped out during our (automatic)
updates anyway. Plus we aren't really expecting users to mess with this.
The location changing is a concern, but it's one we are happy to live
with. Our policy package spec will have
"Requires: /var/lib/PolicyKit-public" so any changes should become known
quickly.
Thanks,
Daniel
More information about the polkit-devel
mailing list