On Mon, Apr 4, 2016, at 11:31 AM, Martin Pitt wrote:
> A more upstreamable approach would be to not query polkit at all if > geteuid() == 0. Is there any legit scenario where root would be denied > running systemctl directly, but a polkit rule would allow it > nevertheless? I can't think of one. However, see: https://bugs.freedesktop.org/show_bug.cgi?id=35623 But that's okay, if kdbus happens I'm sure sd-bus/systemd would be easy to change to teach it about CAP_SYS_ADMIN. The uid-vs-CAP_SYS_ADMIN is a lot more important in a world of containers though. > In such a scenario, is it really legit to get an > interactive PK auth prompt for something like "systemctl enable foo" > when installing package foo? I think this would be good to cross-post to the polkit list, or at least if a choice is determined, summarize it there. But basically sounds fine to me to special case euid == 0, I think there is precedent elsewhere too. I thought NM did this, but I'm not seeing it in the code offhand. _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
