Proposal for Fedora - "GKSUDO"
David Zeuthen
david at fubar.dk
Thu Dec 6 20:48:47 UTC 2007
On Mon, 2007-12-03 at 21:42 -0500, Yaakov Nemoy wrote:
> On Dec 3, 2007 9:32 PM, masch <the.masch at gmail.com> wrote:
> > Hi!
> > Is it possible to include any utility link in Ubuntu gksu, gksudo,
> > gnomesu or gnomesudo??
> > It's really usefully for some scripts
We have consolehelper which is similar to graphical sudo helpers.
> AFAIU (as far as i understand) PolicyKit is going to handle those
> sorts of details. It's far more ideal, because then for some users,
> they can never escalate their privileges, some users can only escalate
> with a root password, and some with their own password. It's this
> understanding that it will be here "any time soon" that's kept me from
> complaining about the obvious lack of gksudo.
PolicyKit actually been in the distro since F8. Granted for F8 it's only
used for mounting partitions from non-hotpluggable drives with
non-removable media (e.g. Windows partitions).
For F9 a lot more stuff will use it
already written:
- intlclock
- pulseaudio (for gaining realtime auths)
- add/remove software (though the jury is out whether PackageKit
will replace pup/pirut on the F9 desktop live cd)
written but not in rawhide yet
- gnome-system-monitor (kill processes, adjust priority)
planned
- gdm (for shutting down/rebooting the box)
- avahi (for publishing network services)
- NetworkManager (connect to networks)
- gvfs: Nautilus/gedit/etc. (for manipulating files you don't own)
I'm also planning to write a small replacement for consolehelper (going
to write feature pages / file bugs soon) so you can use polkit-auth(1)
http://hal.freedesktop.org/docs/PolicyKit/polkit-auth.1.html
or the polkit-gnome-authorization UI
http://people.freedesktop.org/~david/polkitg-auth-1.png
http://people.freedesktop.org/~david/polkitg-auth-2.png
http://people.freedesktop.org/~david/polkitg-auth-3.png
http://people.freedesktop.org/~david/polkit-icon-and-vendor.png
to manage who is allowed to run a given X application as root.
Finally, I'm working with the FreeIPA team to store authorizations in
the directory.
David
More information about the fedora-devel-list
mailing list