I'm about to build PackageKit 0.6.0 into rawhide, which bumps the
soname. I'll take care of rebuilding gnome-packagekit and kpackagekit
which is (I think) are the only users of the low level library API.
The other applications using the _session_ DBus connections should
continue to work as this API
2009/12/16 Nathanael D. Noblet :
> So basically, PK is designed for the non-experienced users, as such
> everything it does is dumbed down, and experienced users should just ignore
> it, using other tools to keep their system up to date.
See http://www.packagekit.org/pk-profiles.html
Richard.
--
2009/12/16 Mail Lists :
> The last part is a clean up phase which could be deferred to reboot
> or perhaps something a little more clever.
The devil is in the detail :)
Richard.
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel
2009/12/15 Colin Walters :
> This exists? Can you point me to the code?
I only finished this just this morning.
It's just been pushed to git master. You want to see this commit
http://cgit.freedesktop.org/packagekit/commit/?id=66d3fc26054abd528ee18017d9c67edb6400f239
for the juicy config bits.
2009/12/15 Seth Vidal :
> Now, having said that - how would you feel if the updater stopped you before
> it ran and said "you're running an app I'm trying to update, please close
> the app so I can update it". Would that be a pain or ok?
That's exactly the PackageKit functionality I've added for p
2009/11/19 Benjamin Kreuter :
> I would not say it is unreasonable to miss this detail,
> since Fedora is periodically used as a base for RHEL, which is certainly not a
> single user desktop system.
Sure, and RHEL default policy will most likely be different to the Desktop spin.
Richard.
--
fed
2009/11/19 Chris Adams :
> So there are no packages in releases/12/Everything that have privilege
> escalation bugs? All I have to do is wait for one to be found, and I
> have a signed path to root. Even if the package is fixed in updates, I
> just have to have a custom updates repo without it.
2009/11/19 Chris Adams :
> You keep saying that, but you are wrong. Otherwise, why do we even
> bother with passwords (and checking password strength)?
Authentication and authorisation are not the same problem at all. It's
probably worth reading the PolicyKit design documents.
Richard.
--
fedo
2009/11/19 Chris Adams :
> Once upon a time, Ricky Zhou said:
>> I might be wrong on this, but wouldn't the attacker need to trick
>> yum/packagekit into using the malicious repo first? I didn't think that
>> was allowed for non-root users.
>
> 1.5 words: NetworkManager. Think about it.
2 words
2009/11/19 Chris Adams :
> Once upon a time, Richard Hughes said:
>> Sure, that's not an insane idea at all. I would imagine most network
>> admins worth their salt would be shipping custom PolicyKit overrides
>> in F12 anyway.
>
> If that is the Fedora expect
2009/11/19 Paul W. Frields :
> It makes sense to me for the upstream defaults to be fairly
> restrictive, with changes being made downstream in distros (and their
> remixes/spins) to loosen those up as needed. In other words, our
> desktop package group would include whatever was needed to induce
2009/11/19 Owen Taylor :
> By having that two part policy, and having the straightforward user
> configuration GUI that we've been wanting for years, I think we cover
> almost everything. And we don't have to ask the user at install time a
> question that they can't answer: "do you want your machin
2009/11/19 Jeff Garzik :
> 1) We should recognize this new policy departs from decades of Unix and
> Linux sysadmin experience.
Sure, it's different. It doesn't make it wrong.
> 2) F12 policy should be reverted to F11, ASAP. Possibly with a CVE.
PolicyKit in F12 doesn't have the auth_admin (and
2009/11/19 Naheem Zaffar :
> policykit-profile-server
> policykit-profile-controlled-deployment
> policykit-profile-personal-desktop
Sure, that's not an insane idea at all. I would imagine most network
admins worth their salt would be shipping custom PolicyKit overrides
in F12 anyway. Aim for the
2009/11/19 Rahul Sundaram :
> Right. The alternative really is defining the roles and the target
> audience clearly for distinct set of policies and allowing the user to
> trivially select it during or post-installation.
I disagree, most people will just go for the default option without
understan
2009/11/18 Chris Adams :
> I would like to see this discussion separate from discussion about the
> current issue with PackageKit.
That would be nice :)
The problem is who to target. If you call Fedora a desktop distro,
then it makes perfect sense for local users to be able to shutdown the
comput
2009/11/18 Eric Christensen :
> Has anyone drafted a notice to go out on the Announce List explaining
> this vulnerability? If admins don't know to fix/remove PK then they are
> putting their systems at risk.
I'm really bored of this conversation. The bikeshed is blue. There are
much bigger probl
2009/11/18 Seth Vidal :
> Richard,
> to be fair, when I asked you how to edit a .pkla file you couldn't tell me.
> So, if our engineers don't know the basics, how should our users?
Fair comment. Release notes additions might be good in this regard.
Richard.
--
fedora-devel-list mailing list
fe
2009/11/18 Jeff Garzik :
> And this enormous security hole of a policy change was done with next to
> /zero/ communication, making it likely that many admins will not even know
> they are vulnerable until their kids install a bunch of unwanted packages.
F11 had retained authorisations, which argua
2009/11/18 Jeff Garzik :
> How little social engineering + virus automation does it take to get such an
> install to include a malicious 3rd party repo?
You need the root password to install from repos not signed by a key
previously imported, or if the package signature is wrong.
Richard.
--
fe
2009/11/18 Steve Grubb :
> And I wonder what the audit trail will show? Does it show which user installed
> these packages?
Yup, take a look at pkcon get-transactions or just use gpk-log to see
it graphically.
Richard.
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.r
2009/11/18 nodata :
> You install software with a known buffer overflow before it is fixed and
> exploit it. More software = more chances to exploit. Bingo!
Why would the additional package start extra services? I thought there
were guidelines about that. Anyway, if the user has physical access to
2009/11/18 Bob Arendt :
> I haven't tried .. but does this this also include the capability for
> my grade-school child to *remove* software using their account?
> Like gcc? glibc? gdm? All fun activities ...
No, removing is a different "role" and requires a different
authentication. The defaul
2009/11/18 Andrew Haley :
> Is there some way to disable PackageKit but keep setroubleshoot?
Just set all the policykit answers to "no". You'll find more than just
setroubleshoot breaks if you do this.
Richard.
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.co
2009/11/18 Casey Dahlin :
> By the admin's first opportunity to change the settings the box could already
> be rooted.
I'm not sure how you can root a computer from installing signed
content by a user that already has physical access to the machine.
Richard.
--
fedora-devel-list mailing list
f
2009/11/18 Jonathan Underwood :
> Well, it's all a bit inconsistent presently:
> $ yum install maxima
> Loaded plugins: presto, refresh-packagekit
> You need to be root to perform this command.
yum isn't PackageKit. Different tools, different feature-sets.
Richard.
--
fedora-devel-list mailing
2009/11/12 James Laska :
> preupgrade to F12 is basically not going to work for anyone
> without significant manual workarounds, due to insufficient disk
> space on /boot. I think we may need to talk to hughsie and/or
> the desktop team about removing the preupgrade inte
2009/11/3 Joerg Schilling :
> if there legal department was wrong. I still do not understand why Companies
> like Redhat do not siply ask their lawyers for legal assistence. If they did,
> they would have better advise about cdrtools.
Just a small thing that drives me crazy. The company name is "R
2009/10/21 John Poelstra :
> 520750 - PackageKit - ASSIGNED - Software Update windows checks for update
> does not stop ..
This has been reported by one person (no dupes), and I'm still waiting
for more information. I suspect it's actually a hardware problem or
file-system corruption on the repor
2009/10/16 Ankur Sinha :
> Richard, I'd like to take this up. What do I need to know/learn?
> btw, I'm a sort of a newbie at application development though.
Well, the application development is perhaps 10% of the problem. 90%
of the problem is identifying the core problem, working out how users
ar
2009/10/16 Rahul Sundaram :
> Couldn't you hook this into PackageKit and leave it disabled by default?
Well, in one sense it's entirely fedora specific (updates testing
repos, bohdi, and koji) and in other ways it's a problem all the
distros are facing, in that test updates get little to no covera
2009/10/16 Rahul Sundaram :
> It has been suggested before. At one point, Richard Hughes pitched it in
> the packagekit list and they didn't like it and so he wanted to write a
> separate app but nothing has come out of it so far.
Yes, I think it makes a lot of sense to write somet
I've just built a new F12 DeviceKit-power package[1] in koji which
should be in tomorrows rawhide. This should fix some of the issues
people were having with adding and removing devices. Please can you
give this build a test, and please then reply if it either fixes a
problem you were having with t
2009/9/3 Rawhide Report :
> PackageKit-0.5.2-0.1.20090902git.fc12
> -
> * Wed Sep 02 2009 Richard Hughes - 0.5.2-0.1.20090902git
> - Update to a newer git snapshot from the 0.5.x series.
> - Should fix some issues with KPackageKit.
Heads up:
2009/8/28 Muayyad AlSadi :
> or wait till the PK API is rewritten so that mounting is done in the
> non-privileged console user part
Not re-written, but written. I've explained how to do this in the
past, it just needs someone with an itch-to-scratch to implement it
properly.
Richard.
--
fedor
2009/8/27 Rahul Sundaram :
> On 08/27/2009 06:37 AM, Michel Alexandre Salim wrote:
>> Sounds great. In this case, this would be gnome-packagekit specific,
>> right? I would not need to touch the backend at all.
>
> In my understanding, that is correct.
Yes, the majority of the work woulf in the cl
2009/8/26 Michel Alexandre Salim :
> So, it turns out that the reason I didn't notice this functionality is
> that the error message given by gnome-packagekit was slightly
> unintuitive: it did /not/ inform the user that the uninstallable
> package has been deselected, and to continue installing.
2009/8/25 Kevin Kofler :
> Richard Hughes wrote:
> (but Bodhi / the metadata / PackageKit have no way of marking a restart of
> only the session as recommended) for that kind of updates.
PackageKit detects if the process is running, and asks the user to
logout and log back in in
2009/8/25 Paul W. Frields :
> I might be wrong, but I could swear that PK acted like this in my
> Rawhide machine the other day when there was a particular deps problem
> at the mirror.
PK already does skip-broken, but can't run if the transaction fails in
the rpm transaction (file conflicts) rath
2009/8/25 Nathanael D. Noblet :
> Is this a legitimate request? Should I file a bug / feature request?
It depends. If the bodhi metadata says "restart-required" then
PackageKit honours this.
Richard.
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/l
2009/8/13 Rahul Sundaram :
> There is a difference between the changelog and the bodhi update
> information. The latter also covers software changes.
The people on this mailing list know what a ChangeLog is, and how to
read one. These people (real people, not geeks) do not know what a
ChangeLog is
2009/8/12 Jesse W :
> What would be a good next step for me to take to help get descriptions added
> to these updates (and make sure this happens less often in the future) ?
I've even coded a test patch to bohdi (attached) to warn maintainers
when they are prepping the update without a description
2009/8/5 Josephine Tannhäuser :
> KDE 4.3 will come to F11 and F10. It's a cool thing.
> There aren't updates like this for Gnome. Why not?
> F10 with Gnome 2.26 sounds fine to me.
Because I don't want to _support_ the latest and greatest GNOME on old
versions. A lot of the GNOME stack would requi
2009/7/31 Colin Walters :
> I just want to say this is great work, and was sorely needed. Do you
> know if there's anyone interested in working on installing updates
> before reboot/relogin?
No, but it needs to be done. It's the sort of thing that PackageKit
can do easily.
Richard.
--
fedora-d
2009/7/31 Nathanael Noblet :
> But by 'log out' it really means reboot doesn't it?
Not really. If you're running an old version of gimp, you can restart
the process by logging out and logging back in, you don't have to
reboot. PackageKit splits these up into about 5 categories, being:
1. applicat
2009/7/30 Nathanael D. Noblet :
> So I recently updated F11 and was told I needed to log off for the changes
> to take effect. When I click the yield type sign and select log off, I get
> the dialog for shutdown, restart, hibernate, suspend... Just a small
> suggestion, maybe I'm off base, but 'Lo
2009/7/22 Pasi Kärkkäinen :
> He's been trying to identify the problem with powertop, disable services
> etc, but hasn't been able to match the battery life of Windows.
> Have you guys thought about this?
Depends on the hardware. If it's friendly graphics and intel
networking, we should compare qu
2009/7/22 Martin Langhoff :
> On Wed, Jul 22, 2009 at 6:50 PM, Richard Hughes wrote:
>> 2009/7/22 Matthias Clasen :
>>> Amazingly, Richard fixed quite a few of the incoming bugs already, while
>>> the test day was still ongoing, and people were able to confirm that the
2009/7/22 Matthias Clasen :
> Amazingly, Richard fixed quite a few of the incoming bugs already, while
> the test day was still ongoing, and people were able to confirm that the
> fixes are working. Well done!
Sure, and in mutual back-patting, Matthias did a great job
coordinating things. I'm sure
2009/7/20 Muayyad AlSadi :
> and the feature works, the rest is to minor fixes, license issues,
> communication with upstream.
> how much time do I have to make it 100% complete ?
> should it be 100% complete before
You're going to have to sort out the licence issues and get it
upstream to package
2009/7/17 Michael Cronenworth :
> There are some folks that have UPS battery backups that used to function
> under HAL and F10. Now that DeviceKit has removed all references to UPS
> devices until they figure out how they want to add them back in,
There were two bugs that stopped UPS devices being
2009/7/17 Fulko Hew :
> (Personally, I have a little 'service' that disables the power management
> on my laptop (on F8), but I haven't found where to execute it when the
> laptop comes out of 'suspend'?)
Check out pm-utils, it allows you do what you want.
Richard.
--
fedora-devel-list mailing
2009/7/17 Mathieu Bridon (bochecha) :
> >From today's update in Fedora 11:
> $ rpm -q --changelog DeviceKit-power | head
> * lun. juil. 06 2009 Richard Hughes - 009-1
> - Update to 009
> - Fixes many problems with multi-battery laptops
> - Use pm-powersave like HAL use
On Sat, Jun 27, 2009 at 5:02 PM, Jason L Tibbitts III wrote:
> That's absolutely no incentive to me; substitute Dr. Pepper or some
> good tea, though I have some free time today so I'll try to take
> a look.
Good tea can be arranged. :-)
Richard.
--
fedora-devel-list mailing list
fedora-de
I've recently obtained a Dell Mini 10, which comes with the BCM4312
LP-PHY. Now, I know it can't work until the LP stuff is worked out,
but instead I've been looking at the firmware situation.
I knew the firmware was non-free. I didn't know there was a free
re-implementation called OpenFWWF. So, y
On Thu, Jun 18, 2009 at 7:09 PM, Richard W.M. Jones wrote:
> Can the malware inject code into the process which gained the
> authentication (eg. using ptrace)?
Also, using a new PackageKit the worst you'll be able to do is install
signed software from already configured repos. Installing untrusted
On Fri, Jun 5, 2009 at 4:43 PM, Mathieu Bridon
(bochecha) wrote:
> 1. user chooses a language in GDM for the first time
> 2. PK tries to install the -support group
We need to come up with a system that isn't based on Fedora, as ubuntu
might call this something different. In fedora we might install
On Thu, Jun 4, 2009 at 9:02 PM, Steven M. Parrish wrote:
> We are aware of the kpackagekit issue and are awaiting a release from the
> upstream developers. It should be released later today and after a bit of
> testing I will get it into the repo asap.
Update created:
https://admin.fedoraproject.
On Thu, 2006-03-23 at 09:30 -0500, Jeff Spaleta wrote:
> On 3/22/06, Thomas Canniot wrote:
> > Maybe we could do something here that really helps people, newbies who
> > are just installing their first linux distribution. I dreamt of an
> > anaconda that helps newbies make their first steps in Fed
On Wed, 2006-03-22 at 10:44 -0500, Jeremy Katz wrote:
> On Wed, 2006-03-22 at 12:30 +0000, Richard Hughes wrote:
> > I think ubuntu use bootsplash [http://www.bootsplash.org/] but I think
> > that requires a patch to the kernel away from vanilla, so that might not
> > be
Now that FC5 has hibernate working for lots of people, how about we do
something about the delay which currently is displayed as a black
screen?
I click the hibernate button, and am presented with the black screen for
about 30 seconds as my ram is swapped out to disk. At resume, I'm
presented with
On Wed, 2006-03-15 at 11:50 +0100, Nicolas Mailhot wrote:
> Le Mer 15 mars 2006 03:51, Bill Nottingham a écrit :
> > Chris Adams (cmad...@hiwaay.net) said:
> >> > > What do you think about the attached patch to ifup-wireless? Works
> >> for me :)
> >> >
> >> > This should really be done in NM.
> >>
On Mon, 2006-03-06 at 17:05 +0100, Patrice Dumas wrote:
> > Things like hal / gnome-power-manager right now works well for the core
> > distribution (some day we'll even get rid of acpid) so I'm not sure why
> > acpitool (which admittedly may be useful for admins / expert users with
> > special nee
On Thu, 2006-03-02 at 03:17 -0500, Build System wrote:
> dbus-0.61-3
> ---
> * Fri Feb 24 2006 John (J5) Palmieri 0.61-1
> - Upgrade to upstream version 0.61
This breaks gnome-power-manager in rawhide.
It's because with dbus >= 0.61, struct are now "typed" (from dbus-glib's
point of view
Seth Vidal wrote:
>
>> And how do you define "library"? There's no reliable way to
>> distinguish them
>> from applications.
>
> This is part of the problem. It would be nice to have all things which
> are strictly libraries add a "provides: Library something" and, of
> course, to have all libs s
Valent Turkovic (valent.turko...@gmail.com) said:
> On Wed, May 27, 2009 at 1:31 PM, Rahul Sundaram
> wrote:
> > Hi
> >
> > I did a quick survey from Fedora on what software Fedora users are using
> > that is not available in the repo. Here are the results. If you find
> > anything interesting, f
66 matches
Mail list logo
