[Bug 1219956] New: AUDIT-0: power-profiles-daemon: review of D-Bus service/rules org.freedesktop.UPower.PowerProfiles
https://bugzilla.suse.com/show_bug.cgi?id=1219956 Bug ID: 1219956 Summary: AUDIT-0: power-profiles-daemon: review of D-Bus service/rules org.freedesktop.UPower.PowerProfiles Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: idesmi@protonmail.com QA Contact: qa-bugs@suse.de Target Milestone: --- Found By: --- Blocker: --- The service was renamed from `net.hadess.PowerProfiles` https://build.opensuse.org/request/show/1146774 power-profiles-daemon.x86_64: E: dbus-file-unauthorized (Badness: 10) /usr/share/dbus-1/system.d/org.freedesktop.UPower.PowerProfiles.conf (sha256 file digest default filter:919d35bb79d7ad12f3a4ccf496b5d359a10fd96c491191d54db4dbe8417281fc shell filter:7e473b1c4fbda103f13b1d9dd9ffdc3d0eb2aacb3295765757105da7c2786cbd xml filter:a1b1dda54405102f4a297c836a32a0843dcca50e09b0ac995fa61f0e24977f15) power-profiles-daemon.x86_64: E: dbus-file-unauthorized (Badness: 10) /usr/share/dbus-1/system-services/org.freedesktop.UPower.PowerProfiles.service (sha256 file digest default filter:3439df2aae12b0625a322fc66f2ee2dd2dc76ff8682bdeb38f71ad22a3070143 shell filter:68b263d55c5512e9dfedb536e003cde51d416c6fbd4913ec0f77abc6c6baa32b xml filter:<failed-to-calculate>) -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1219956 Enrico Belleri <idesmi@protonmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugzilla.opensuse.o | |rg/show_bug.cgi?id=1219957 -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1219956 Dominik Wombacher <dominik@wombacher.cc> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dominik@wombacher.cc -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1219956 https://bugzilla.suse.com/show_bug.cgi?id=1219956#c11 Atri Bhattacharya <badshah400@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |badshah400@gmail.com --- Comment #11 from Atri Bhattacharya <badshah400@gmail.com> --- (In reply to Wolfgang Frisch from comment #3)
Can we remove the D-Bus service files for the old endpoint (net.hadess...)?
The package ships both the old and the new D-Bus service. As far as I can see, it's working perfectly fine with just the new service. On top of that, the new Polkit configuration effectively renders the old service inaccessible.
I suggest to remove the following files from the RPM: ./usr/share/dbus-1/system-services/net.hadess.PowerProfiles.service ./usr/share/dbus-1/system.d/net.hadess.PowerProfiles.conf
Thanks.
Wolfgang, We have had to add back the old net.hadess.* service and conf files because deleting them breaks power-profiles-daemon and prevents it from starting. See #c10 here and submit request at build.o.o: https://build.opensuse.org/request/show/1163727/changes Could you please let us know if this will require a fresh audit review or are we good to let this through given these files existed on previous versions and were audited then? Thanks in advance. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1219956 Atri Bhattacharya <badshah400@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags| |needinfo?(wolfgang.frisch@s | |use.com) -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com