Re: Writing to /etc/ from a "privileged" UI
David Paleino <firstname.lastname@example.org> writes:
> Hello everybody,
> I'm writing this mail to gather comments about a serious bug I received some
> time ago, for which I haven't yet had time to make a proper fix. The bug is
> #612918, against wicd, "Uses /etc/wicd/wireless-settings.conf as state file".
> My opinion is that wireless networks with some kind of configuration provided
> (say, a key, or a DNS server, or some static IP, [..]), should be saved there
> (so the bug really is: «don't uselessly save all the networks you encounter»
> -- and I already have a fix for that).
> The reporter's opinion is that no GUI should ever write to /etc/.
> However, WICD clients are run from privileged users, i.e. those in the `netdev'
> group, and are added there by root. So I think that's perfectly fine.
With / being mounted read-only, and yes there are more and more people
who do have that again, /etc is not writable at runtime for
anything. So your GUI will simply fail to work.
> I took a look at how NetworkManager handles that: it stores configuration using
> gconf, so it's not really comparable. I'd like to stick with files under /etc/,
> What's your opinion on this?
> I haven't searched thoroughly through the archive, but I guess there are other
> UIs run by privileged non-root users that write to /etc/?
> Didier, I hope I correctly summarised the bug you reported. If not, please
> reply :)
> Thanks for your suggestions,
The only way you can argue is that your GUI is a nice frontend for
editing the static config in /etc/wicd/wireless-settings.conf. As such
the admin needs to remount / read-write before running it just like he
would before running 'sensible-editor /etc/wicd/wireless-settings.conf'.
In that case you should detect when /etc is read-only and have good
error messages. Maybe even have some way to automatically or with one
click mount / read-write for the duration of the write.
Note: For comparison in apt one can configure hooks to mount /
read-write before invoking dpkg and read-only after. So "apt-get
upgrade" works without having to remount / read-write first.