[systemd-devel] [PATCH] Split sysctl 50-default.conf setting file
Kay Sievers
kay at vrfy.org
Mon Dec 2 15:04:47 PST 2013
On Mon, Dec 2, 2013 at 11:52 PM, Goffredo Baroncelli <kreijack at libero.it> wrote:
> I have ne question: what happens if a sysctl setting is in more than
> one file ? systemd-sysctl is smart enough to write the last value or
> perform several writes ?
One write only, it logs at "info" level about overwritten values.
>> Kay explained in IRC that we do not allow such actions, because access to
>> the keyboad doesn't mean full access to the machine, and we default to safe
>> settings. Allowing the reboot though logind is different, because the user
>> must authenticate first to open a session.
>
> Sorry, but I cannot agree: from a theoretical point of view Kay has
> reason. However who has access to the keyboard and not to the "power
> switch" ? If I want to switch the PC and the software cannot allow it, I
> unplug the main power...
The keyboard is surely not the computer itself, the wires or the reset
or power button. Login prompts must not have the ability to trigger
unsafe options with the keyboard alone.
> I think that we should give access to other keys like:
> - Boot
> - Reboot
> - powerOff
> - Umount
Sure it's useful for you as it is for me on my box, but it is not a
safe default. You need to set it locally, we cannot do that.
Kay
More information about the systemd-devel
mailing list