I would gladly make the change to the hildon-desktop code to pull in a statusbar.d directory, however I'm not sure the owner would agree to accept it and it may take a while to push upstream. I can take the AR to ping the maemo folks about it though.
As for the sudoers issue, there are currently three "applications" that need to be granted root access to be run by ume: network-admin and time-admin from the gnome-system-tools package, and moblin-touchscreen which edits the xorg conf file. All three are executed by a call to g_spawn_async with gksu as the command and the argument as one of the aforementioned three apps. Without the sudoers edit they cause the password request screen to pop up, which, while a minor inconvenience on desktop environments, is a major hassle on a mobile device, particularly as most mobile users won't even be aware of or care about accounts or passwords. If editing /etc/sudoers directly is unacceptable, perhaps we can work to upgrade the sudo package to provide a safe, standard infrastructure for allowing specific users to execute specific processes as root without a password. Maybe a sudoers.d directory which includes more complex data files that tie user ids to executables as well as the packages they're installed in. I'm just hesitant to create some sort of moblin-applets root settings daemon which will require intimate knowledge of packages we don't control (gnome-system-tools for instance). -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tollef Fog Heen Sent: Monday, October 15, 2007 4:29 AM To: ubuntu-mobile@lists.ubuntu.com Subject: Re: Moblin-applets * Matthew Garrett | There's a couple of issues with moblin-applets that I'd prefer to | discuss before getting it into the archive. The first of these is the | modification of the hildon-desktop statusbar config. Shipping a copy in | hildon-desktop and then modifying it in the moblin-applets postinst | would result in a conflict every time the file changes in the | hildon-desktop package. Diversions work badly with conffiles, so I'd be | interested in opinions on how to handle this situation. The usual way would be to make hildon-desktop have a statusbar.d with configuration file fragments it assembles. [...] | A better solution would involve separation of privileges, with the | privileged operations being carried out by a suid backend with careful | validation of all input. However, I appreciate that implementing this | before gutsy is probably unrealistic. What do other people think? Agreed on both counts. Would it be possible to make it use gksu and not modify sudoers, for now? -- Tollef Fog Heen UNIX is user friendly, it's just picky about who its friends are -- Ubuntu-mobile mailing list Ubuntu-mobile@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-mobile -- Ubuntu-mobile mailing list Ubuntu-mobile@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-mobile
