[Bug 1035207] Re: [FFe] passwordless install of webapps (based on repo whitelist)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Sep 12 14:34:48 UTC 2012 

The aptdaemon changes proposed matches our requirements, as it's just
the framework, not the whitelist file itself.

The whitelist file for webapps needs to be in a separate package, and
the requirements listed must be met for that.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to aptdaemon in Ubuntu.
https://bugs.launchpad.net/bugs/1035207

Title:
  [FFe] passwordless install of webapps (based on repo whitelist)

Status in “aptdaemon” package in Ubuntu:
  Triaged

Bug description:
  For the unity-webapps work the webapps team would like to install packages that only 
  contain unity-webapps passwordless for a better user experience. They are regular packages but of a very simple form, essentially just a javascript file and a icon and no 
  maintainer scripts.

  My proposal would be to add a new class of policykit action:
  "org.debian.apt.install-packages.high-trust-repo" that requires the same authentication by default as install-or-remove-packages (i.e. auth_admin).

  This can then be override by the webapps package via
  /var/lib/polkit-1/localauthority/10-vendor.d/com.ubuntu.desktop.pkla
  (policykit-desktop-privileges) similar to what we did in the
  policykit-desktop-priviledges with "org.debian.apt.upgrade-packages"
  to not require a password prompt.

  The whitelist of the repository would be based on "Origin,Components" and packagename regexp. So something like: (LP-PPA-app-review-board, main, ^unity-webapps-.*") for the webapps case and this would be shipped as part of the webapps-package into 
  /etc/aptdaemon/high-trust-repository-whitelist.d/

  This is all implemented now and I would like to ask for a feature freeze exception to add
  this into current quantal.

  Note that this feature is generic enough to be useful other use-cases
  like internal company repositories that are trusted.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/aptdaemon/+bug/1035207/+subscriptions

More information about the foundations-bugs mailing list