Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Whitelist dbus service and configuration for policycoreutils-dbus (bsc#1213435) #1117

Merged
merged 1 commit into from
Oct 6, 2023
Merged

Whitelist dbus service and configuration for policycoreutils-dbus (bsc#1213435) #1117

merged 1 commit into from
Oct 6, 2023

Conversation

FilippoBonazziSUSE
Copy link

Whitelist dbus service and configuration for policycoreutils-dbus (bsc#1213435)

@mgerstner
Copy link
Contributor

Looks good content wise. I wonder if the file /etc/dbus-1/system.d/org.selinux.conf should be moved to /usr/share/dbus-1/system.d, since there is an effort to move all such files to /usr. There is still a number of packages that ship their stuff in /etc, but for new packages it could make sense to do it right from the start.

@FilippoBonazziSUSE
Copy link
Author

I saw that yesterday as well and was wondering the same. Is it really as simple as packaging the same file under /usr/share and everything will still work the same? Because right now I'm not keen to drop everything and investigate if it doesn't...

@mgerstner
Copy link
Contributor

I saw that yesterday as well and was wondering the same. Is it really as simple as packaging the same file under /usr/share and everything will still work the same? Because right now I'm not keen to drop everything and investigate if it doesn't...

Yes there shouldn't be any side effects to that. From man dbus-daemon:

The standard system bus normally reads additional XML files from /usr/share/dbus-1/system.d. Third-party packages should install the default policies necessary for correct operation into that directory, which has been
supported since dbus 1.10 (released in 2015).

The standard system bus normally also reads XML files from /etc/dbus-1/system.d, which should be used by system administrators if they wish to override default policies.

Third-party packages would historically install XML files into /etc/dbus-1/system.d, but this practice is now considered to be deprecated: that directory should be treated as reserved for the system administrator.

@FilippoBonazziSUSE
Copy link
Author

Alright, let me fix the packaging, do some testing and update this PR

@FilippoBonazziSUSE FilippoBonazziSUSE force-pushed the whitelist_policycoreutils-dbus branch from c3f5fbf to 6d5242b Compare October 6, 2023 09:41
@FilippoBonazziSUSE
Copy link
Author

Packaging fix submitted in https://build.opensuse.org/request/show/1116005

I've updated the whitelisting here as well, can you recheck?

@mgerstner mgerstner merged commit 4b34bab into rpm-software-management:opensuse Oct 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mgerstner mgerstner mgerstner approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@FilippoBonazziSUSE @mgerstner