Dominig ar Foll
Senior Software Architect
Open Source Technology Centre
Intel SSG
Le 27/10/2014 13:31, Rafał Krypa a écrit :
On 2014-10-16 14:39, Jussi Laako wrote:
On 16.10.2014 11:43, Rafał Krypa wrote:
Could you please describe this subject in detail? What problems did
you encounter while considering integration by hooks? Why was it
considered unfeasible?
If similar problems could also affect integration with
security-manager, I'd like to avoid them as early as possible.
Conclusion was that it is impossible to perfectly roll-back hook
actions in case of failure because the roll-back can also fail. If
not for anything else but due to bugs in implementation.
IMHO a perfect roll-back for operations like user creation and removal
isn't that important.
If some step during creation of a user fails (or is interrupted by
power loss) it should be enough to leave the user in half-created
state. Such half-created account should have the following
characteristics:
- cannot be utilized, prevent users from logging into it (this can be
achieved by enabling the account in the very last step of the process)
- can be enumerated and removed, like any proper user account
- until removed, cannot be re-used by subsequent user creations
Having that, a device administrator could recover from failed user
creation by entering user management again, removing the half-baked
account and trying to create it again. It is possible to handle user
removal in a similar way.
To be honest, in my proposal for wrapping gumd with security-manager
functions I didn't intend to provide fully transactional removal and
creationof users. I considered it too difficult and not worth it. And
similarly, as far as i know there is no roll-back support forfailed
application installation(or de-installation or upgrade).Do we need to
discuss it for applications as well?
Dominig, if you have any concerns about my approach, please letus
know. At themoment I don't see technical reasons for choosing gumd
wrapping over hooks. Since hooks seem to be preferred by gumd
developers and should be easier for all of us, they look like a viable
option to me.
That proposition is perfectly acceptable for Tizen market target.
I'd rather have such a simple system rather than a complex roll back model.
Dominig
_______________________________________________
Dev mailing list
[email protected]
https://lists.tizen.org/listinfo/dev
