Bug#857678: [Pkg-utopia-maintainers] Bug#857678: use /run prefix in systemd socket unit

2020-05-15 Thread Jörg Behrmann 
Ah, sorry. I had only checked debian/master on salsa and had missed 
debian/experimental.


signature.asc
Description: PGP signature

Bug#857678: use /run prefix in systemd socket unit

2020-05-15 Thread Simon McVittie 
On Fri, 15 May 2020 at 12:06:18 +0200, Jörg Behrmann wrote:
> It would be wonderful if dbus would be configured with the appropriate 
> --with-systemd-socket

This has already happened in experimental. It's on my list to do
in unstable, but uploading dbus is a slow process (test-builds and
unit tests for amd64 and i386 take a long time, and smoke-testing the
resulting package requires a reboot, which is disruptive) so I haven't
got there yet.

smcv

Bug#857678: [Pkg-utopia-maintainers] Bug#857678: use /run prefix in systemd socket unit

2020-05-15 Thread Michael Biebl 
Am 15.05.20 um 12:06 schrieb Jörg Behrmann:
> I just wanted to open this very same bug.
> 
> Could this issue maybe be looked at again? /run seems to have now won and
> /var/run only be used by legacy systems. systemd automatically updates the 
> path
> to /run even if /var/run is set, but logs a warning, that leads to quite a bit
> of log spam in tje journal.
> 
> It would be wonderful if dbus would be configured with the appropriate 
> --with-systemd-socket

From
https://tracker.debian.org/news/1120858/accepted-dbus-11314-1-source-into-experimental/

   * Change system bus socket to /run/dbus/system_bus_socket.
 The interoperable cross-distro path is /var/run/dbus/system_bus_socket,
 so this remains the upstream default for the benefit of distributions
 where /var/run and /run are (problematically) not guaranteed to be
 equivalent. However, Debian Policy since at least v4.1.5 guarantees
 that /var/run is a symlink to /run, and this has been implemented
 for several stable releases (since at least initscripts 2.88dsf-29
 in 2012, in the sysvinit case), so it is harmless to prefer the
 path in /run, which has advantages in a few corner cases (ability
 to unmount /var is the main one) and avoids warnings from systemd.
 (Closes: #783321, #857678, #932105, #958289)

The changes from experimental will eventually be uploaded to unstable
once 1.14.* has been released.



signature.asc
Description: OpenPGP digital signature

Bug#857678: use /run prefix in systemd socket unit

2020-05-15 Thread Jörg Behrmann 
I just wanted to open this very same bug.

Could this issue maybe be looked at again? /run seems to have now won and
/var/run only be used by legacy systems. systemd automatically updates the path
to /run even if /var/run is set, but logs a warning, that leads to quite a bit
of log spam in tje journal.

It would be wonderful if dbus would be configured with the appropriate 
--with-systemd-socket


signature.asc
Description: PGP signature

Bug#857678: use /run prefix in systemd socket unit

2017-03-14 Thread cgzones 
2017-03-13 23:11 GMT+01:00 Simon McVittie :
> On Mon, 13 Mar 2017 at 21:58:46 +0100, cgzones wrote:
>> Since recently the reference policy defines the file contexts with
>> /run prefixes [1] and only supports /var/run via a backward
>> compatibility alias.
>
> Is that backwards compatibility alias available in the stretch version
> of the reference policy?

yes

> How old is the first reference policy where the /run version works?
>
> How far in the future is the backwards compatibility alias expected to
> go away?

idk, there was/is some discussion at the refpolicy mailing list [1]

>> Please alter the path from /var/run/dbus/system_bus_socket to
>> /run/dbus/system_bus_socket in /usr/lib/systemd/system/dbus.socket to
>> avoid wrong file contexts in the future.
>
> For better or worse, the canonical, interoperable path for the system
> bus socket across multiple OS distributions is
> /var/run/dbus/system_bus_socket (it has been that since long before
> /run was widespread). If /var/run is equivalent to /run, then it shouldn't
> matter either way. If /var/run is not equivalent to /run, then the version
> we should probably prefer is /var/run.

ok, I see
also, I found the path /var/run/dbus/system_bus_socket in the official
documentation [2]
and a similar dbus bugreport [3].

For my part, this can be closed or marked as wont-fix then.

Thanks for the quick response.

[1] http://oss.tresys.com/pipermail/refpolicy/2017-March/009166.html
[2] https://dbus.freedesktop.org/doc/dbus-specification.html#idm2461
[3] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783321

Bug#857678: use /run prefix in systemd socket unit

2017-03-13 Thread Simon McVittie 
On Mon, 13 Mar 2017 at 21:58:46 +0100, cgzones wrote:
> Since recently the reference policy defines the file contexts with
> /run prefixes [1] and only supports /var/run via a backward
> compatibility alias.

Is that backwards compatibility alias available in the stretch version
of the reference policy?

How old is the first reference policy where the /run version works?

How far in the future is the backwards compatibility alias expected to
go away?

> Please alter the path from /var/run/dbus/system_bus_socket to
> /run/dbus/system_bus_socket in /usr/lib/systemd/system/dbus.socket to
> avoid wrong file contexts in the future.

For better or worse, the canonical, interoperable path for the system
bus socket across multiple OS distributions is
/var/run/dbus/system_bus_socket (it has been that since long before
/run was widespread). If /var/run is equivalent to /run, then it shouldn't
matter either way. If /var/run is not equivalent to /run, then the version
we should probably prefer is /var/run.

S

Bug#857678: use /run prefix in systemd socket unit

2017-03-13 Thread cgzones 
Package: dbus
Version: 1.10.16-1
User: selinux-de...@lists.alioth.debian.org
Usertags: selinux

Hi,
dbus ships a systemd socket unit.
On SELinux enabled systems systemd automatically sets the correct file
context on creation according to the policy's configuration.
Since recently the reference policy defines the file contexts with
/run prefixes [1] and only supports /var/run via a backward
compatibility alias.

Please alter the path from /var/run/dbus/system_bus_socket to
/run/dbus/system_bus_socket in /usr/lib/systemd/system/dbus.socket to
avoid wrong file contexts in the future.

Best regards,
 Christian Göttsche



[1] 
https://github.com/TresysTechnology/refpolicy-contrib/blob/master/dbus.fc#L16