Hi, Ludovic Courtès <l...@gnu.org> writes:
> Hi, > > Maxim Cournoyer <ma...@guixotic.coop> writes: > >> Ludovic Courtès <l...@gnu.org> writes: >> >> [...] >> >>> Yes, ‘sudo herd status TAB’ cannot work because it would need to run >>> ‘sudo herd status’ to get the list of available services. >> >> Maybe i could run this once and cache the result? I think I've seen this >> pattern before for bash completion. > > I think it’s safer for completion code to not attempt to run code as > root when the user is not root (yet). Good point. It seems systemd is able to offer very complete completion by querying its daemon thanks to the queries happening via D-Bus, which offers a fine-grained policy. So the list-all-units action for example can be used by unpriviliged users (and the bash completion scripts) while something like reboot requires root. Shepherd, communicating through a root-only writable socket, doesn't enjoy this kind of fine-grained access. -- Thanks, Maxim
