Tag Archives: packages

Fedora and package install privileges

Old news I guess, but Fedora 12 will revert to Fedora 11 style package installation privileges which will prompt for the root password. Fedora 13 should implement the idea fully.

There was a “feature” in Fedora 12 which let any user install software which was digitally signed without needing the root password. It’s not as bad as it sounds – packages which are digitally signed from Fedora are safe. This might make sense on single user machines, but on those in schools and the like it could be bad as students could install whatever they liked.

Owen Taylor provides an excellent overview of why this change was introduced. Essentially, constantly prompting for the root password does not enhance overall security as it teaches users to not read what they are being asked and just blatantly type in the password.

He says:

The end effect of putting up a lot of dialogs.. is that you are training users to blindly enter the root password and hit OK, *not* something that enhances the overall security of the system.

There is an obvious better way to do this, which is to figure out what the appropriate roles are for the system: adminstrative users, non-adminstrative users, etc., and let the person maintaining system decide who gets what role.

So, David Zeuthen did a major redesign of PolicyKit to move it from the old “remembered permissions” policy, to a model where users could be assigned different roles.

This is what prompted the changes in PolicyKit and I think it’s a great innovation. Unfortunately, it’s not yet complete and hence we saw the “issue” emerge in F12.

He goes on to say (emphasis mine):

The idea was that the change in PolicyKit would be accompanied by a default set of roles, and a nice user interface for assigning users to roles. Unfortunately, with the constraints of time, it became clear that this all (and especially the GUI) wasn’t going to be there for Fedora 12. So, PackageKit needed a fixed policy for all users. For each action (install signed packages, install unsigned packages, remove packages, etc.), it needed to allow, deny, or ask for the root password.

Among the decisions Richard made was allowing all users to install signed packages from the Fedora repositories. This was clearly the right behavior for the common case of a single-user system, where the only user is also the administrator. And it seemed pretty safe: Fedora isn’t supposed to have packages in it that are dangerous to install. (For example, by policy, all network services must be off by default and not enabled by simply installing a package.)

He then goes on to explain why that “probably wasn’t the best choice” and plans for the future.

For Fedora 12, a PolicyKit update is available which reverts to the old method of needing the root password. For Fedora 13 we should see the feature completed which should make everyone more happy.


Amaroking Arch Linux

I’ve been using Arch Linux on my desktop at work for a while now and I really, really like it. It’s a bleeding edge, rolling release binary distro that also has a ports style build system for custom packages. Sweet.

I also switched from wmii to KDE 4.1.2 some months back. I’ve been keeping tabs on it for a while because, like many others, I thought 4.0 was a disaster (well, the disaster was that distros packaged it instead of KDE 3.5.x). Anyway, now at version 4.2.2 I have to say KDE is really awesome. I really love the new way of working, the widgets, the look, everything!

Well, not quite everything.. I’d really like to build a super light-weight KDE4 desktop without all that extra cruft like akonadi and nepomuk. I think that would be great for a netbook to compete with Windows 7, when it comes out.

Anyway this post is not about KDE4, it’s about Amarok – probably the best music player there is. For version 2.x they re-wrote it for Qt4. They made some controversial decisions like using embedded MySQL for the database backend, but I’ve no problem with that. Anyway, version 2.0.2 was recently released and it’s great. There is a PKGBUILD for it in the ArchLinux User Repository, but because of the hassles compiling it with needing to link to MySQL client libraries and older libgpod 0.6.0, etc, I built some binary packages for it for i686 and x86_64 architectures.

Recently, 2.1 Beta 1 was released (version 2.0.90) so I built packages for these too. If you use Arch, give them a try! And if you don’t use Arch, then try Arch first and then give them a try!

Amarok 2.1 Beta 1