On 2014-10-16 14:39, Jussi Laako wrote: > On 16.10.2014 11:43, Rafał Krypa wrote: >> Could you please describe this subject in detail? What problems did you >> encounter while considering integration by hooks? Why was it considered >> unfeasible? >> If similar problems could also affect integration with security-manager, I'd >> like to avoid them as early as possible. > > Conclusion was that it is impossible to perfectly roll-back hook actions in > case of failure because the roll-back can also fail. If not for anything else > but due to bugs in implementation.
IMHO a perfect roll-back for operations like user creation and removal isn't that important. If some step during creation of a user fails (or is interrupted by power loss) it should be enough to leave the user in half-created state. Such half-created account should have the following characteristics: - cannot be utilized, prevent users from logging into it (this can be achieved by enabling the account in the very last step of the process) - can be enumerated and removed, like any proper user account - until removed, cannot be re-used by subsequent user creations Having that, a device administrator could recover from failed user creation by entering user management again, removing the half-baked account and trying to create it again. It is possible to handle user removal in a similar way. To be honest, in my proposal for wrapping gumd with security-manager functions I didn't intend to provide fully transactional removal and creationof users. I considered it too difficult and not worth it. And similarly, as far as i know there is no roll-back support forfailed application installation(or de-installation or upgrade).Do we need to discuss it for applications as well? Dominig, if you have any concerns about my approach, please letus know. At themoment I don't see technical reasons for choosing gumd wrapping over hooks. Since hooks seem to be preferred by gumd developers and should be easier for all of us, they look like a viable option to me. Best regards, Rafal Krypa
_______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
