[arch-general] coping with damaging updates

C Anthony Risinger anthony at xtfx.me
Thu Oct 27 16:15:18 EDT 2011

On 10/27/2011 02:34 PM, Manolo Martínez wrote:
> On 10/27/11 at 12:25pm, Leonid Isaev wrote:
>> Wheel has to done manually, of course. What *kit does, in a nutshell, is just
>> elevate priviledges of local users over remote, so you can have control over
>> devices attached to your machine.
> Should this be added to the Beginners' Guide at the wiki? I'm thinking of
> something ecumenical along the lines of "do it the usergroup way, or you may
> consider adding yourself to users and wheel and allow *kit to take care of the
> rest by launching your wm under a *kit-session.

im not sure it's that cut-n-dry, or even a 1-to-1 relation.  CK (which 
IIRC will be obsoleted altogether eventually by systemd facilities) 
offers finer grained access control than coarse FS groups can offer.  i 
don't know a tremendous amount about CK, but i believe it works 
alongside polkit, which many applications now look to for authorization 
... in a nutshell, apps may not *care* about FS perms because it is 
expected you are running an auth agent.

the fact is people/users expect better/cleaner ... and actually *MORE* 
flexible ... ways to delegate both access and administration duties. 
this is what the "*kits" try to achieve, with dbus playing mediator.

it's not all that different from pam_* modules -- sure, we could all be 
using /etc/passwd forever and a day, and many still are, but many 
contexts/installtions demand more ...

OT example:


... depends polkit.  i'd like to get that/freeipa2 up on arch.  im 
afraid(?) the *kits are here to stay, desktop or server.

C Anthony Risinger

More information about the arch-general mailing list