For the unity-webapps work the webapps team would like to install packages that only contain unity-webapps
passwordless for a better user experience. They are regular packages but of a very simple form, essentially
just a javascript file and a icon and no maintainer scripts.
My proposal would be to add a new class of policykit action "org.debian.apt.install-package-whitelisted" that
we can override the permissons via /var/lib/polkit-1/localauthority/10-vendor.d/com.ubuntu.desktop.pkla (policykit-desktop-privileges) similar to what we did with "org.debian.apt.upgrade-packages".
The whitelist of the repository would be based on "Origin,Components" and packagename regexp. So something like:
(LP-PPA-app-review-board, main, ^unity-webapps-.*") for the webapps case.
For the unity-webapps work the webapps team would like to install packages that only contain unity-webapps
passwordless for a better user experience. They are regular packages but of a very simple form, essentially
just a javascript file and a icon and no maintainer scripts.
My proposal would be to add a new class of policykit action "org.debian. apt.install- package- whitelisted" that polkit- 1/localauthorit y/10-vendor. d/com.ubuntu. desktop. pkla (policykit- desktop- privileges) similar to what we did with "org.debian. apt.upgrade- packages" .
we can override the permissons via /var/lib/
The whitelist of the repository would be based on "Origin,Components" and packagename regexp. So something like: app-review- board, main, ^unity-webapps-.*") for the webapps case.
(LP-PPA-
Does that looks like a good approach to you?