Comment 1 for bug 1040349

Revision history for this message
Alex (noneed4anick) wrote :

Hey Charlie,

thanks for your idea. I have already thought about this and I'm pretty confident that this is a MUST-HAVE feature for cuttlefish. It would be great to start or stop specific services according to the environment. But sadly I absolutely have no clue how to implement this feature.

The problem is that the reaction to the events should happen automatically. But running things as a privileged user is clashing with this idea, because the user has to authenticate himself. Currently there are three available solutions:

1.) passing the command to a SETUID program like sudo or gksudo -- I don't like this, because you need user interaction
2.) passing the command to a SETUID program that acts like sudo but without PAM -- yeah, I'm sure, I don't have to explain why any sane human being would not do that (it's due to security issues ;-) )
3.) Use PolicyKit -- this solution seems to be the best, because as far as I understand it will popup with an authentication window, but you can also create some configs to avoid this.

So obviously I'm heading for solution no. 3, but I haven't found much documentation on policykit yet and I'm not sure how the whole thing is working...