[pacman-dev] Adding privilege levitation to pacman
Eli Schwartz
eschwartz at archlinux.org
Mon Jan 4 20:12:41 UTC 2021
On 1/4/21 1:46 PM, Emil Velikov via pacman-dev wrote:
> After a casual chat with some systemd and dbus devs - I was pointed at polkit.
> With polkit a) gaining and revoking root is trivial, b) it integrates
> nicely (better than gpg/pinentry) with tty, gnome, kde, etc, while it
> also c) provides for a consistent user experience.
"pinentry-program /usr/bin/pinentry-curses" integrates very nicely with
the tty too, and is apropos for not context-switching between a terminal
emulator running in a WM, and some popup window.
I'm not aware of a similar option for polkit, it would likely defeat the
purpose of most polkit uses though...
> I'm not sure if you're joking or trolling here. I am aiming for "least
> privilege", moving from yaourt which absolutely sucks in that
> department, with pacman being a tiny bit better.
I don't see how yaourt is tied to principle of least privilege. Neither
with yaourt, nor without yaourt, do you have principle of least privilege.
> Last but not least, to reiterate pacman will work as original when the
> system lacks polkit all together.
No it won't... because you need to link to libpolkit-agent in order to
support it, therefore it's a compile-time choice whether the "pacman"
package depends on the "polkit" package.
You could circumvent this by using exec(2) + /usr/bin/pkexec on the
whole process, or if, like systemd, you *already* contain a dbus
implementation that can send messages to org.freedesktop.PolicyKit1
without linking to polkit.
--
Eli Schwartz
Bug Wrangler and Trusted User
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/pacman-dev/attachments/20210104/a4af0c15/attachment.sig>
More information about the pacman-dev
mailing list