[systemd-bugs] [Bug 81626] networkd lacks access to hostnamed
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Tue Aug 19 10:37:01 PDT 2014
https://bugs.freedesktop.org/show_bug.cgi?id=81626
--- Comment #4 from David Herrmann <dh.herrmann at gmail.com> ---
I strongly discourage you from installing rules with systemd. Please see the
polkit man-page. Rules are meant exclusively for administrator-control and
non-generic system setups. A system should run just fine with an empty
/usr/share/polkit-1/rules.d/.
I don't have any better solution for this problem, though. So maybe we should
document this polkit-rule as workaround in the wiki until we find a real fix.
This problem is kind of nasty because we want to allow a non-root user to
access APIs that other non-root users cannot. But access-control has always
been under control of the API-provider, not of the API-user. Therefore,
installing rule files with networkd sounds wrong to me. It's hostnamed that
should open the API to a specific set of users.
Meh.. we really need a proper solution here.
--
You are receiving this mail because:
You are the QA Contact for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/systemd-bugs/attachments/20140819/7df1699f/attachment.html>
More information about the systemd-bugs
mailing list