> On Debian, we would like to start running applications as normal user:
> briefly, in Joachim's words, "frameworkd D-Bus config should allow all
> members of a given system group to use D-Bus calls, but not own the
> D-Bus names" [1].
Yes, please, please, pretty please. [ He said, after updating his
frameworkd.conf file by hand yet again ].
> Thus, we are faced with a decision: which system group should be set as
> the default for frameworkd access?
FWIW, I chose "staff" here, after taking a look at the groups of which
my user was a member (IIRC I created this user with just "adduser
monnier").
I'm not sure if "staff" is a good choice, because I don't know what is
its intended use (the /etc/group file syntax doesn't allow comments,
sadly :-( ), but to the extend that it seems to carry the idea of "not
quite a sysadmin, but not just any random user either", it seemed like
a good choice.
> However, since frameworkd depends on D-Bus, the installation of the
> latter creates another system group:
> messagebus
What would be the consequence of adding messagebus to my "monnier" user?
Would it give it too many rights?
> In the past, in what IIRC is the relevant thread, I fully supported the
> choice for the dialout system group [3], because the primary function
> for the FR is making phone calls.
AFAICT, this affects access to most devices (wifi, gps, gsm, bluetooth),
so it goes much further than just "dialout".
> However, given the fact that frameworkd ambition is bigger than simply
> managing a mobile phone, I understand that the dialout system group can
> be seen as reductive. That is why I'm asking here :-)
In frameworkd.conf we could also use different groups for the different
parts (ogsmd/onetworkd/frameworkd/ogpsd/...).
Stefan
_______________________________________________
Smartphones-userland mailing list
Smartphones-userland@linuxtogo.org
http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/smartphones-userland
