[packagekit] Signed packages again again

David Zeuthen david at fubar.dk
Thu Nov 15 14:09:01 PST 2007


Hey,

Whilst discussing some peripheral use cases related to package
management, signed packages and repository management in Fedora, here:

https://bugzilla.redhat.com/show_bug.cgi?id=253897#c25

it occurred to me that you may want to make some of the PolicyKit
actions for PackageKit more fine grained. Basically, I think we want to
support the use case mentioned in that comment; e.g. it should be
possible to grant the user 'bob' the authorization to install signed
packages but at the same time ensure he's not authorized to install
unsigned packages. That's very useful in both enterprise and home user
scenarios.

Looking at the current actions

 org.freedesktop.packagekit.install
 org.freedesktop.packagekit.localinstall
 org.freedesktop.packagekit.update
 org.freedesktop.packagekit.remove
 org.freedesktop.packagekit.update
 org.freedesktop.packagekit.rollback
 org.freedesktop.packagekit.repo-change
 org.freedesktop.packagekit.refresh-cache

I'm not sure where that is codified. Maybe introduce new actions

 org.freedesktop.packagekit.install-unsigned
 org.freedesktop.packagekit.localinstall-unsigned

Thoughts?

Thanks,
David





More information about the PackageKit mailing list