[Bug 1035207] Re: [FFe] passwordless install of webapps (based on repo whitelist)

Launchpad Bug Tracker 1035207 at bugs.launchpad.net
Thu Sep 13 08:05:10 UTC 2012 

This bug was fixed in the package aptdaemon - 0.45+bzr861-0ubuntu1

---------------
aptdaemon (0.45+bzr861-0ubuntu1) quantal; urgency=low

  * New upstream snapshot:
    - lp:~mvo/aptdaemon/support-for-whitelisted-repositories that adds
      support for a new trusted-repo policykit action LP: #1035207
    - lp:~vorlon/aptdaemon/lp.1034806 that fixes unicode/str errors
      LP: #768691, #926340, #1034806
  * debian/patches/fix_gettext_return_value_type.patch:
    - dropped, merged as part of lp:~vorlon/aptdaemon/lp.1034806
 -- Michael Vogt <michael.vogt at ubuntu.com>   Thu, 13 Sep 2012 09:13:07 +0200

** Branch linked: lp:~aptdaemon-developers/aptdaemon/ubuntu-quantal

** Changed in: aptdaemon (Ubuntu)
       Status: Triaged => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to aptdaemon in Ubuntu.
https://bugs.launchpad.net/bugs/1035207

Title:
  [FFe] passwordless install of webapps (based on repo whitelist)

Status in “aptdaemon” package in Ubuntu:
  Fix Released

Bug description:
  For the unity-webapps work the webapps team would like to install packages that only 
  contain unity-webapps passwordless for a better user experience. They are regular packages but of a very simple form, essentially just a javascript file and a icon and no 
  maintainer scripts.

  My proposal would be to add a new class of policykit action:
  "org.debian.apt.install-packages.high-trust-repo" that requires the same authentication by default as install-or-remove-packages (i.e. auth_admin).

  This can then be override by the webapps package via
  /var/lib/polkit-1/localauthority/10-vendor.d/com.ubuntu.desktop.pkla
  (policykit-desktop-privileges) similar to what we did in the
  policykit-desktop-priviledges with "org.debian.apt.upgrade-packages"
  to not require a password prompt.

  The whitelist of the repository would be based on "Origin,Components" and packagename regexp. So something like: (LP-PPA-app-review-board, main, ^unity-webapps-.*") for the webapps case and this would be shipped as part of the webapps-package into 
  /etc/aptdaemon/high-trust-repository-whitelist.d/

  This is all implemented now and I would like to ask for a feature freeze exception to add
  this into current quantal.

  Note that this feature is generic enough to be useful other use-cases
  like internal company repositories that are trusted.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/aptdaemon/+bug/1035207/+subscriptions

More information about the foundations-bugs mailing list