On 07/15/11 06:40 AM, Shawn Walker wrote:
On 07/14/11 18:49, Brock Pytlik wrote:
Code review:
https://cr.opensolaris.org/action/browse/pkg/bpytlik/18620-v1
Bug:
18620 pkg verify needs administrative privs when 'require-signatures'
This creates an in memory store of those certificates we couldn't write
to disk, allowing us to verify the chain without needing to write
them out.
So, while making this not traceback is good, I sort of feel it's
somewhat silly for folks to complain about verify not working for
unprivileged users. Why? Because you can't run pkg verify without
root privileges at the moment since all directories, etc. won't be
readable, so you'll get errors during the verification.
That's true, except that you can verify a single package, and that might
not require root.
I suppose it could be argued that you could run pkg verify in a less
privileged mode where you only had the ability to read everything, but
not write any data to the image. In that case, this seems like a good
change.
src/modules/client/publisher.py:
line 2028: having the else: clause isn't necessary since the first
case will raise an exception; i'd de-indent the lines after and drop
the else for readability
line 2032: s/./:/
line 2058: just add a continue after this line, then you can drop the
else on line 2059 and de-indent 2060-2069; that will help
readability
-Shawn
All comments taken. Thanks for looking at it.
Brock
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
