Le 19/03/2009 19:12, Doug Goldstein a écrit :
The problem would be a simple fix if PolicyKit supported groups and we
could just say "give all access to those in the wheel" group as a
reasonable default. But alas, it does not. Arguably we can probably
patch that in and just be done with it.
Actually, for a while, I had a policy file that returned "allow" to all
auth requests. That was obviously not "secure" at all...
For some reason, even _that_ didn't allow all apps to work properly, as
they expect their own policy file and not just a default setting.
It's as if GConf required schemas to be installed for apps to work.
Unless someone has some better ideas for a reasonable default.
The only way ATM is to go through the policy file for each applications,
read it, make sense of it and adapt it to Gentoo... Again, the Gnome
herd is quite short on manpower these days, even with the precious help
of our latest recruits (Arun and Nirbheek).
(IMHO,
removing all of PolicyKit is a reasonable default but it looks like
going forward GNOME is just using it without really any documentation
or any forethought into the real world implications of PolicyKit and
the inherent support/issues with ConsoleKit)
I think we all agree here, Gilles, Mart and others have dutifully
patched most (all?) core gnome components to at least build without PK,
even if that means loosing some features. Thankfully, most of those
patches have been accepted upstream.
As for Gnome blindly using PK... again, we're all on the same page :)
If anyone _really_ wants PK, please get in touch with us so we can try
to support it in Portage.
Thanks
