pkexec in a chroot - bypassing dbus?
Colin Guthrie
gmane at colin.guthr.ie
Mon Oct 28 10:05:43 PDT 2013
Hi,
I'm currently converting the various Mageia tools to use polkit
(actually just a light wrapper around pkexec for now - but more might
follow later) rather than the somewhat dated usermode consolehelper stuff.
In some cases the tools being wrapped up make sense to be run when just
chrooting in to a machine (typically the non-gui ones, but even then it
is somewhat limited to a few package management cli tools and not much else)
Anyway, when in a chroot, pkexec still needs to talk to dbus which would
need to be started etc. It in turn might need to talk to logind which
would also need to be started and also needs that the machine was
systemd booted too.
Leaving aside all comments regarding nspawn and such, is there a way for
pkexec to automatically detect if the user is already root and avoid the
dbus round trip and just assume things are authorised? This might be
dangerous in some other ways hence why I'm asking.
As we go via some lightweight wrapper scripts anyway, it's fairly
trivial to do a 'if [ "$UID" = "0" ]; then exec /path/to/foo; else exec
pkexec /path/to/foo; fi' in our wrapper, so my question is really just
aimed at what's sensible and whether or not I'm doing something really,
really dumb along the way :D
Cheers for any insights.
Col
--
Colin Guthrie
gmane(at)colin.guthr.ie
http://colin.guthr.ie/
Day Job:
Tribalogic Limited http://www.tribalogic.net/
Open Source:
Mageia Contributor http://www.mageia.org/
PulseAudio Hacker http://www.pulseaudio.org/
Trac Hacker http://trac.edgewall.org/
More information about the polkit-devel
mailing list