Comments on: YaST++: next step in system management

By: Stefan Schubert

Stefan Schubert — Wed, 07 Mar 2012 16:15:43 +0000

Matthias: If you are frustrated please go out and use other platforms where the a… words are used.
Jiri: Well done job, and thanks for the post. I have enjoyed very much !

By: Matthias

Matthias — Thu, 16 Feb 2012 21:00:38 +0000

Dude, you really need to take some english lessons. It doesn’t matter how good the code you write is, as long as your blog entries are riddled with grammar mistakes, you’ll make an ass-clown of yourself.

By: C. Kern

C. Kern — Thu, 16 Feb 2012 11:08:06 +0000

Thanks.

By: Jiří Suchomel

Jiří Suchomel — Thu, 16 Feb 2012 10:29:42 +0000

YaST (as a core) itsef is written in C++, yes, but the modules are written in YCP, which is the language I was mentioning. Look for example at http://en.opensuse.org/openSUSE:YaST_quick_tutorial

By: Jiří Suchomel

Jiří Suchomel — Thu, 16 Feb 2012 10:28:07 +0000

Yes, we actually plan to use augeas (its ruby bindings) in the lower layer.

By: Michal Hrusecky

Michal Hrusecky — Thu, 16 Feb 2012 09:45:43 +0000

Just a little side note, you know about augeas – utility for managing configuration files, right? While speaking about not reinventing the wheel…

By: C. Kern

C. Kern — Thu, 16 Feb 2012 09:37:28 +0000

> It is largely written in an outdated language which
> has its roots in last century and only few people
> in the world know it.

For the rest of us: Could you tell us what strange
language you are talking about?

(YaST itself seems to be written in C++, which
obviously does not match your “only few people
in the world know it” criterion. But maybe some
of the modules used by YaST may be written in
obscure other languages.)

By: Josef Reidinger

Josef Reidinger — Wed, 15 Feb 2012 14:11:16 +0000

Hi,
so what you expect from such library? We don’t want to reinvent wheel, but if there is something on high level for easier managing users it would be nice if you let us known what it should be.

For polkit authentification we need it on low-level, because we got usually complains that permission is too abstract and don’t have what is really allowed. So polkit permission is low level, but we plan to create roles management ( we actually already have it in webyast, so just move it down to yast++ library ). Then administrator can easy allow user management, but if they are interested, they can see what user can modify and also change role to fit what they want. We already have discussion where we should place level of permissions and decision is that we need both layer, so low level is real permissions and high level is roles, that contain set of permissions.

By: Jiří Suchomel

Jiří Suchomel — Wed, 15 Feb 2012 14:02:44 +0000

Calling useradd is an example of way to go. We might use direct modifications of /etc/passwd instgead, just like in current YaST.

About the polkit layer: yes, it is very low-level, it’s basically the same concept as used in webYaST. For usability, it is possible to create set of high-level rules, grouping those fine grained ones.

By: lnussel

lnussel — Wed, 15 Feb 2012 12:23:01 +0000

Taking a glimpse at the “passwd” agent this seems to be just old wine in new skins. Instead of developing a real library for managing users you call the useradd command. The polkit authentication is at the wrong abstraction layer. It doesn’t make sense to have a privileges to authenticate calling external commands, the privilege should be about managing users and hide the actual implementation details.