[Dev] Gumd and security-manager integration

Jussi Laako jussi.laako at linux.intel.com
Thu Oct 16 08:23:45 GMT 2014


On 15.10.2014 0:55, Stéphane Desneux wrote:
> * the idea to use hooks to initialize user databases (migration of app
> fw to multiuser) has already been reviewed some months ago and the
> conclusion was already there: no hooks. Does the position of gumd
> "inside" the security-manager changes this conclusion ? Is it worth
> evaluating this solution again ?

For example gSSO needs these hooks in order to clean up user's 
credential database when user is deleted. It is not located under $HOME, 
as user himself must NOT be able to have direct access to it.

Of course we could follow layering pattern and state that gSSO would 
implement user management API that would call security manager API that 
would call gumd API in order to hook to the user removal?

> * having a kind of "sanity" service at startup could be a way to
> cleanup/adjust what needs to be after each reboot. For example, for user

How frequently do you expect to reboot? I'm usually rebooting my mobile 
devices roughly once per year or two years.



More information about the Dev mailing list