On Thu, Apr 16, 2015 at 9:43 AM, Tom Gundersen <t...@jklm.no> wrote:
> On Thu, Apr 16, 2015 at 4:52 PM, Andy Lutomirski <l...@amacapital.net> wrote:
>> The ratio of complexity of capability code the kdbus folks have
>> already written (hundreds of lines across multiple files) to its
>> utility (very near zero AFAICT) is, in my book, not a good sign at
>> all.
>
> We have several uses of this, see my mail to Jiri regarding
> CAP_SYS_BOOT for instance:
> https://lkml.org/lkml/2015/4/16/219
>

This could easily be done with polkit and a special `boot` group. Why does it need to use CAP_SYS_BOOT? I mean why would you even *want* CAP_SYS_BOOT to be used for this? Using CAP_SYS_BOOT means that anything you want to let cleanly shut down the system you would also allow to do a hard shutdown and thus cause data loss in many cases.

In summary: not **necessary** or **ideal** to use a capability in this case.

If you could be so kind, could you summarize the other uses you have? And if you can, explain why using regular user/group credentials does not achieve the goal.

Thank you,
--
Cameron Norman