[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] Enabling motd feature


On Wed, Apr 6, 2016, at 06:36 AM, Kushal Das wrote:
> Hi,
> As part of F24 changes, rtnpro worked on the motd[1] change. We need
> someone to commit on the fedora-atomic side to include the package [2],

FWIW the fedora-atomic git repo migrated to 
where it can get pagure PRs.

That said I have some detailed and high level concerns.

The detailed concerns are a security issue and a buglet:

The high level concern is having this functionality live
outside of the update system and the login system
is rather awkward.  I really don't like calling into rpm-ostreed from
inside every PAM login.

Among other reasons, the first ssh login might e.g. be ansible
trying to configure the host, and having rpm-ostreed be spun
up for that when the administrator might actually want to do
something else is problematic - the check-updates will
block whatever action they want to take (e.g. rpm-ostree rebase).

The way it hooks into dnf is a bit better from this perspective.  But
since rpm-ostree is already a daemon, it might be simplest to
have it just write out the required data in /run/rpm-ostree/bash-check-updates
only after the administrator requests an update once or so?

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]