[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Enabling package installation for non-root users

Le lundi 27 février 2012 à 05:19 +0100, Sebastian Heinlein a écrit : 
> Am Donnerstag, den 23.02.2012, 18:46 +0200 schrieb Timo Juhani
> Lindfors: 
> > Josselin Mouette <joss@debian.org> writes:
> > > (We even have a patch to allow only a subset of packages but it is
> > > unfortunately a bit too hackish.)
> > 
> > Would be really nice to have some standard sets available (think
> > "browser extensions", "command-line tools that ship no services or suid
> > binaries"). I'd certainly let my desktop users install these without
> > having to ask me or having to install them manually to their $HOME..
> 
> Do you need a whitelist or a blacklist?

This should clearly be a whitelist. I don’t think there’s real use for a
blacklist, it is too dangerous.

> Do you want to limit all installations via aptdaemon or only for a set
> of users?

This functionality is already available through the PolicyKit
configuration. Maybe you can add two levels of authorization, one for
installing any package, the other one for installing the subset.

> We could limit the allowed packages by e.g. debtags, section and package
> names.

Yes please!
And I can has limitations by repository and priority too?

Cheers,
-- 
 .''`.      Josselin Mouette
: :' :
`. `'
  `-
Reply to: