As we discussed the last time this came up, yes, that seems fine. Handing out a token to root that provides an authorization to manipulate the system is analogous to allowing root itself to be doing removals without further store information, which we allow.
The necessary infrastructure for that is pretty much in place since we already have to maintain the local and remote macaroons separately, and the situation where the remote macaroon is missing or incorrect is already handled. If a store operation depends on a valid user, it will prompt for a full login, and once performed that will associate the remote macaroon with the existing local user instead of creating a new one. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1581713 Title: Ubuntu Software always asks for an Ubuntu Single Sign-On account when installing or removing a snap package To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-gnome/+bug/1581713/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
