[packagekit] Treating untrusted and trusted operations differently
Richard Hughes
hughsient at gmail.com
Tue Apr 22 03:01:09 PDT 2008
On Mon, 2008-04-21 at 22:17 -0400, David Zeuthen wrote:
> On Tue, 2008-04-22 at 02:54 +0100, Richard Hughes wrote:
> > On Mon, 2008-04-21 at 21:13 -0400, David Zeuthen wrote:
> > > The two stage attempt would just be
> > >
> > > 1. UI tries InstallPackage("~/Desktop/livna-release.9-1.noarch.rpm")
> > >
> > > 2. PackageKit returns NotAuthorized with action='.install-untrusted',
> > > result='auth_admin_one_shot'
> >
> > PackageKit currently assigns the PolicyKit type based on the "Role"
> > rather than waiting for the transaction to start. I'll look into if we
> > can relax this and do things differently.
>
> Thanks for looking into this (though I must admit I don't know what
> "Role" means here).
A role is a type of action that doesn't change for the entire
transaction, e.g. search-group or update-system. At the moment roles are
mapped to policykit permissions.
> > > (Btw, where do you import the keys? I think these are part of the
> > > Livna release RPM and will get automatically installed. Will the
> > > user get a say in this? And where will he get prompted? Just
> > > curious.)
> >
> > Yup, the client tool Does a key import method, and then requeues the
> > transaction if it succeeded. It's a separate DBUS method.
>
> Where in the step 1. to 5. does it fit in?
Stage 6.
Richard.
More information about the PackageKit
mailing list