Em qua., 30 de dez. de 2020 às 20:39, Wookey <wookey@wookware.org> escreveu:On 2020-12-30 18:39 -0300, Leandro Cunha wrote:
> Package: sponsorship-requests
> Severity: normal
>
> Dear mentors,
>
> I am looking for a sponsor for my package "dhcpcd-dbus":
>
> * Package name : dhcpcd-dbus
> Version : 0.6.1-1
> Upstream Author : Roy Marples <roy@marples.name>
> * URL : https://roy.marples.name/projects/dhcpcd
> * License : BSD-2
> * Vcs : [fill in URL of packaging vcs]
> Section : net
>
> It builds those binary packages:
>
> dhcpcd-dbus - DBus bindings for dhcpcd
>
> To access further information about this package, please visit the following URL:
>
> https://mentors.debian.net/package/dhcpcd-dbus/
>
> Alternatively, one can download the package with dget using this command:
>
> dget -x https://mentors.debian.net/debian/pool/main/d/dhcpcd-dbus/dhcpcd-dbus_0.6.1-1.dsc
>
> Changes since the last upload:
>
> dhcpcd-dbus (0.6.1-1) unstable; urgency=medium
> .
> * QA upload.
> * New upstream release.
> * Fixed Lintian reports.
> * debian/control:
> - Bumped Standards-Version to 4.5.1.
> - Added Rules-Requires-Root: no.
> - Updated homepage field.
> * debian/watch:
> - Fixed problem to import tarball via uscan.
> - Updated version of 3 to 4.
> * debian/copyright:
> - Updated year upstream author.
> - Updated source field.
> - Updated file following DEP-5.
> - Added files debian/* and people involved with year of contribution.
> - Added myself.
> * debian/rules:
> - Set ignore dh_auto_test to fix FTBFS (Fails To Build From Source) and
> thanks to Simon McVitie maintainer of the dbus who helped me with this.
> * Added debian/gbp.conf.
> * Added debian/upstream/metadata.
> * Added debian/test/control to autopkgtest.
> * Added debian/salsa-ci.yml.
OK. That all looks sensible.
I note that lintian complains about the dbus policy:
W: dhcpcd-dbus: dbus-policy-without-send-destination etc/dbus-1/system.d/dhcpcd-dbus.conf <policy context="default"><allow send_interface="name.marples.roy.dhcpcd" />
https://lintian.debian.org/tags/dbus-policy-without-send-destination.html
says:
The package contains D-Bus policy configuration that uses one of the send_* conditions, but does not specify a send_destination, and is not specific to root.
Rules of the form
<allow send_interface="com.example.MyInterface"/>
allow messages with the given interface to be sent to any service, not just the one installing the rule, which is rarely what was intended.
Similarly, on the system bus, rules of the form
<deny send_interface="com.example.MyInterface"/>
are redundant with the system bus's default-deny policy, and have unintended effects on other services.
This check ignores rules of the form
<policy user="root"> <allow ... /> </policy>
which are commonly used for the "agent" pattern seen in services like BlueZ and NetworkManager: a root-privileged daemon calls out to one or more per-user user interface agent processes with no specific name, so send_destination is not easily applicable. However, such rules should still be made as specific as possible to avoid undesired side-effects.
-----
I'm not sure if this is something that should be fixed or ignored?
The config file has not changed from what is in the current version and the file _does_ seem to specify a send_destination, so is there in fact a lintian bug?
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<!-- Only root can own the dhcpcd service -->
<policy user="root">
<allow own="name.marples.roy.dhcpcd"/>
<allow send_interface="name.marples.roy.dhcpcd" />
<allow send_destination="name.marples.roy.dhcpcd" />
</policy>
<policy context="default">
<allow send_interface="name.marples.roy.dhcpcd" />
<allow send_destination="name.marples.roy.dhcpcd" />
</policy>
</busconfig>
Wookey
--
Principal hats: Linaro, Debian, Wookware, ARM
http://wookware.org/