On 01.07.2016 17:30, Didier Kryn wrote:
> Le 01/07/2016 16:59, Enrico Weigelt, metux IT consult a écrit :
>> what I never really actually understood: what do we really need it
>> for ? what's the real-world problem behind to be solved ?
>

>     The real problem behind was to replace sudo by something more
> complicated, for the sake of complication. 

Yeah, that's also my feeling.

The main point, IMHO, is people tried to move everything to dbus
(and, of course, everbody hanging on one bus, and too fat services),
so at some point they needed something to cross user boundaries.

I really wonder, why individual services can't just have their
own sockets do authentication via pids and groups. Or - if it should
be grid-capable - just do it the plan9 way ...

>     Replacing a simple system with a complicated one, may be an amusing
> game, but should remain a game.

Well, in my last customer project, I had to see that it's often not just
a game. These yankees really wrote extra "oop"-wrappers for simple libc
functions ...

>     Therefore, IMHO, we are left with two options: either elaborate a
> polkit-shim or discard applications which use it.

Or, for the few applications we really need, just implement it
correctly.


--mtx

--

mit freundlichen Grüßen
--
Enrico Weigelt,
metux IT consulting
+49-151-27565287