Home_greyopenFATE - openSUSE feature tracking > #322201
Dashboard | Search | Sign up | Login

Please login or register to be able to edit or vote this feature.

Add option to disable updates by non-root users

Feature state

openSUSE Distribution
Marketplace

Description

An account meant for use by guests should not allow updates to be applied to the whole operating system and other applications, some of which may be intentionally invisible to nonroot users but are exposed to them by the update information. Which user accounts have the authority to update all of the software should be by options set in advance by root, and probably preset by defaults.
I previously asked about this at the Bugzilla (https://bugzilla.opensuse.org/show_bug.cgi?id=1012283 ), where I was referred to here, and in a support forum (https://forums.opensuse.org/showthread.php/520485-deny-amp-hide-updates-through-a-nonroot-user?p=2796242), where a suggestion was a CLI non-GUI method, which I started to try, but which is apparently seriously complex and not exactly clear. I will likely make the setting only once; I don't run a complex network with many changes. Thus, this should be in a GUI.
Two options for each nonroot user account, set only by root, would be helpful:
* Allow updates from the current (nonroot) user account.
* Allow notification of available updates in the current (nonroot) user account, although availability may be limited to another user.

The defaults should be to deny both options for every nonroot user. Of course, in root, both options would always be allowed unless the OS is being run from read-only media.

Discussion


No comments yet

Last change: 9 months ago
Voting
Score: 1
  • Negative: 0
  • Neutral: 0
  • Positive: 1
Tags
Feature Export
Application-xmlXML   Text-x-logPlaintext   PrinterPrint