[poky] [PATCH 1/1] connman: add xuser to the dbus permission list
Koen Kooi
koen at dominion.thruhere.net
Wed Mar 9 23:24:34 PST 2011
Op 10 mrt 2011, om 07:40 heeft Xu, Dongxiao het volgende geschreven:
> Hi Ke,
>
> Yu, Ke wrote:
>> Hi Dongxiao,
>>
>> Thanks for the fix. I just feel it may be better to do it in rootless
>> x routine, instead of connman. because the "xuser" is introduced by
>> rootless x routine, and the user name is configurable by
>> /etc/X11/Xusername (details in
>> meta/recipes-graphics/x11-common/xserver-nodm-init.bb: pkg_postinst).
>> if the user name changed by user configuration, the connman will
>> break again.
>
> Thanks for pointing it out, your concern is reasonable. Hardcode xuser in
> connman's config file will have problems if user did any change to the name.
>
>>
>> So I wonder if connman has the standard interface to grant
>> permission, so that rootless x routine can call it to grant xuser
>> permission. e.g.
>> - A group-based policy, i.e. for any user belongs to the connman
>> group, it will has the required dbus permission.
>> - or a standalone command like "connman-perm xuser" which can add
>> xuser into connman-dbus.conf
>
> I found there is another item in the connman.conf, named "at_console",
> which can authenticate permissions to user.
> That module needs libpam as its basic. It seems that currently sato image
> didn't install pam into target system.
Note that at_console is utterly broken, I discussed it with Marcel in the past and he agrees something different needs to get used, but at that time (2008) there wasn't a good candidate.
regards,
Koen
More information about the poky
mailing list