unprivileged users can update the system !
Stephen Gallagher
sgallagh at redhat.com
Tue Aug 27 18:17:13 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 08/27/2013 01:14 PM, Jehan Procaccia wrote:
> I am using Fedora19 on hundred of stations for students, to my
> surprise I noticed that anyone connected locally can update all
> packages of the station ! the thing is that when the user connect
> to the station, there's a notifcation that pops-up saying that
> there are updates available accepting to proceed leeds to an update
> of all the station packages ;-( apparently cliking on the
> notification start gpk-update-viewer (seen that with ps auwx) if
> the student tries to issue a yum update on the cli, then he is
> refused "You need to be root to perform this command."
>
> we need to maintain an homogenous state of update on all station,
> how can I prevent users from update stations themself ? Thanks.
>
The policy should be that only members of the "wheel" group should be
able to do that. Please file a bug in Bugzilla if you see otherwise
(file it against PackageKit).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlIc7SkACgkQeiVVYja6o6OrxACeL1zNy3xWxugLhwULgjaUXmTW
ayYAoKbvmLK2t1WHBFGluj4RSY6MNqDI
=f5hL
-----END PGP SIGNATURE-----
More information about the users
mailing list