[packagekit] Signed packages again again
David Zeuthen
david at fubar.dk
Thu Nov 15 14:09:01 PST 2007
Hey,
Whilst discussing some peripheral use cases related to package
management, signed packages and repository management in Fedora, here:
https://bugzilla.redhat.com/show_bug.cgi?id=253897#c25
it occurred to me that you may want to make some of the PolicyKit
actions for PackageKit more fine grained. Basically, I think we want to
support the use case mentioned in that comment; e.g. it should be
possible to grant the user 'bob' the authorization to install signed
packages but at the same time ensure he's not authorized to install
unsigned packages. That's very useful in both enterprise and home user
scenarios.
Looking at the current actions
org.freedesktop.packagekit.install
org.freedesktop.packagekit.localinstall
org.freedesktop.packagekit.update
org.freedesktop.packagekit.remove
org.freedesktop.packagekit.update
org.freedesktop.packagekit.rollback
org.freedesktop.packagekit.repo-change
org.freedesktop.packagekit.refresh-cache
I'm not sure where that is codified. Maybe introduce new actions
org.freedesktop.packagekit.install-unsigned
org.freedesktop.packagekit.localinstall-unsigned
Thoughts?
Thanks,
David
More information about the PackageKit
mailing list