[packagekit] Treating untrusted and trusted operations differently

Richard Hughes hughsient at gmail.com
Tue Apr 22 03:01:09 PDT 2008


On Mon, 2008-04-21 at 22:17 -0400, David Zeuthen wrote:
> On Tue, 2008-04-22 at 02:54 +0100, Richard Hughes wrote:
> > On Mon, 2008-04-21 at 21:13 -0400, David Zeuthen wrote:
> > > The two stage attempt would just be
> > > 
> > >   1. UI tries InstallPackage("~/Desktop/livna-release.9-1.noarch.rpm")
> > > 
> > >   2. PackageKit returns NotAuthorized with action='.install-untrusted',
> > >      result='auth_admin_one_shot'
> > 
> > PackageKit currently assigns the PolicyKit type based on the "Role"
> > rather than waiting for the transaction to start. I'll look into if we
> > can relax this and do things differently.
> 
> Thanks for looking into this (though I must admit I don't know what
> "Role" means here).

A role is a type of action that doesn't change for the entire
transaction, e.g. search-group or update-system. At the moment roles are
mapped to policykit permissions.

> > >      (Btw, where do you import the keys? I think these are part of the
> > >       Livna release RPM and will get automatically installed. Will the
> > >       user get a say in this? And where will he get prompted? Just
> > >       curious.)
> > 
> > Yup, the client tool Does a key import method, and then requeues the
> > transaction if it succeeded. It's a separate DBUS method.
> 
> Where in the step 1. to 5. does it fit in?

Stage 6.

Richard.




More information about the PackageKit mailing list