root password prompts

[Tim Waugh]

On Wed, 2010-05-26 at 14:39 -0400, Tom Horsley wrote:
> Today I was running system-config-printer to install all
> the various printers around here at work on a freshly
> installed fedora 13 system running as a brand new user
> in a standard gnome session.

As with other PolicyKit-enabled applications, you can configure the
amount of password dialogs you need to see.  You can reduce this to
'none at all' if you like.

For an example configuration which removes the need to see any
CUPS-related password dialogs when configuring the local machine, see
this short description I wrote:
https://fedoraproject.org/wiki/Printing/ConfigurationTool#PolicyKit_configuration

That configuration file applies to actions matching
"org.opensuse.cupspkhelper.mechanism.*", i.e. everything that
cups-pk-helper provides.  You can also extend that to
"org.fedoraproject.config.*" for the other configuration tools in
Fedora, and "org.libvirt.unix.*" for everything to do with
virtualization, etc.

Yes, it is a bit mad that you get so many root passwords when adding a
printer, but system-config-printer needs to use these actions:

* org.fedoraproject.config.firewall.auth (to read the firewall
configuration, to be able to offer the ability to actually find any
network printers)

* org.opensuse.cupspkhelper.mechanism.devices-get (to be able to find
any devices at all)

* org.opensuse.cupspkhelper.mechanism.printeraddremove (to be able to
actually add a printer)

The policy for these actions is shipped as part of the cups-pk-helper
package.  The over-arching Fedora policy that specifies what the package
must ship is here:
  https://fedoraproject.org/wiki/Privilege_escalation_policy

Tim.
*/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20100527/75282aa8/attachment.bin