On 06/07/2013 04:00 AM, David Sommerseth wrote: > On 07/06/13 02:33, Todd And Margo Chester wrote: >>> >>> There is a long standing security reason non root users can't update >>> software which affect all users on the system. Remember over all *ux >>> design is based on a multi user model where only people granted root >>> access by password access or even better sudo access can affect all >>> users. This is a good thing, it was done in response to computer viruses >>> in the 70s. >> >> yes. I agree. If you look over at the bug report, the request >> is to prompt the user for the "root" password. Sort of like >> Mac OS does when they are install new packages. If the user does not >> know the root password, too bad. At least it will not try to >> install and then crash. There are several packages out there >> that already do this (ls /usr/bin | grep -i config) >> > > This is quite simple policy-kit changes. > > The network configuration changes is handled by this policy: > <file:///usr/share/polkit-1/actions/org.freedesktop.network-manager-settings.system.policy> > > If there's a specific binary which is called (other than > /usr/bin/firefox) to do these updates, it would be fairly simple to add > this feature. You would basically need a <action/> policy including a > line similar to this one: > > <annotate > key="org.freedesktop.policykit.exec.path">/path/to/binary</annotate> > > And then the updater need to be started via /usr/bin/pkexec ... and it > would Just Work. > > See the polkit(8) man page for more info. > > > -- > kind regards, > > David Sommerseth Hi David, I posted it over on the bug report. Thank you! -T