Re: Enabling package installation for non-root users
Le lundi 27 février 2012 à 05:19 +0100, Sebastian Heinlein a écrit :
> Am Donnerstag, den 23.02.2012, 18:46 +0200 schrieb Timo Juhani
> > Josselin Mouette <email@example.com> writes:
> > > (We even have a patch to allow only a subset of packages but it is
> > > unfortunately a bit too hackish.)
> > Would be really nice to have some standard sets available (think
> > "browser extensions", "command-line tools that ship no services or suid
> > binaries"). I'd certainly let my desktop users install these without
> > having to ask me or having to install them manually to their $HOME..
> Do you need a whitelist or a blacklist?
This should clearly be a whitelist. I don’t think there’s real use for a
blacklist, it is too dangerous.
> Do you want to limit all installations via aptdaemon or only for a set
> of users?
This functionality is already available through the PolicyKit
configuration. Maybe you can add two levels of authorization, one for
installing any package, the other one for installing the subset.
> We could limit the allowed packages by e.g. debtags, section and package
And I can has limitations by repository and priority too?
.''`. Josselin Mouette
: :' :