Feature added by: Dominique Leuenberger (dimstar)
Feature #319035, revision 1
Title: Make YaST (incl. modules available in GNOME Software
openSUSE Distribution: Unconfirmed
Priority
Requester: Desirable
Requested by: Dominique Leuenberger (dimstar)
Partner organization: openSUSE.org
Description:
GNOME Software is an other way of handling installations. Instead of being package centric, it is application centric. An application is being represented by means of an appdata.xml file in it's setup (installed to /usr/share/appdata), then a metadata parser extracts this info and produces 'AppStream' metadata (to be consumed by software centers) In order to make extensions/plugins to applications discoverable, a package can add a metainfo.xml file to the same location and have itself listed as an extension/addon to the application.
For YaST, this results in: - an appdata.xml file being provided together with YaST.desktop (done) - For all yast modules to install a metainfo.xml file, describin their extensive nature to yast.
--
openSUSE Feature:
https://features.opensuse.org/319035
Feature added by: Sławomir Lach (Lachu)
Feature #318458, revision 1
Title: Reading user process memory
Requested by: Sławomir Lach (lachu)
Partner organization: openSUSE.org
Description:
Reading user's process memory or writting to it is very bad think. Malware can stole passwords or change settings of application.
I have two idea about solving this issue: 1. Dissallow to debug(reading/writting memory) process placed in /bin, /sbin, /usr/bin, /usr/sbin 2. Dissallow to debug(reading/writting memory) process of file not belonging to user, who execute file.
--
openSUSE Feature:
https://features.opensuse.org/318458
Feature added by: Christian Boltz (cboltz)
Feature #323500, revision 1
Title: Kernel: Add support for new AppArmor rule types
openSUSE Distribution: Unconfirmed
Priority
Requester: Important
Requested by: Christian Boltz (cboltz)
Partner organization: openSUSE.org
Description:
[forwarded from https://bugzilla.opensuse.org/show_bug.cgi?id=1042082 ]
Support for several new AppArmor rule types is on the way to the upstream kernel:
* dbus
* mount
* signal
* ptrace
* pivot_root
* unix
Also, support for profile stacking will be added and policy namespace support improved.
Those new rule types are needed to make Snappy secure - without them, it's hard or even impossible to make sure snaps don't do something they shouldn't. For example, it would be impossible to restrict dbus access to only the required parts.
Of course those new rules will also be useful for "normal" applications.
Note that adding support for those rules in a service pack is a bad idea because it might need profile updates, therefore it would be a *very* good idea to backport them to whatever kernel will be shipped in Leap 15/SLE 15.
The first base patches are already in 4.11. The next bunch is on its way to 4.12, and the goal is to get the final parts into 4.13 and 4.14. Upstream (especially John Johansen) promised to send the pull request for 4.13 in the next days. The remaining patches for 4.14 will follow in about two months - or a bit earlier if you don't insist on the final version of those patches.
Addition by John:
Unfortunately upstream 4.13 will not be sufficient. The goal now is to get the remaining changes into 4.14.
If backporting to an older kernel I would use the git://kernel.ubuntu.com/jj/linux-apparmor-backports tree.
A new series of branches will be added based on the 4.13 version of apparmor. It will provide a small patch series (2 base patches - 1 securityfs, 1 apparmor and then any necessary backport patches for the target kernel version).
The final version of the 4.13 backport branch will not be available until at earliest the close of the 4.13 merge window. But a early version could be made available next week.
--
openSUSE Feature:
https://features.opensuse.org/323500
Feature added by: Adrian Schröter (adrianSuSE)
Feature #323318, revision 1
Title: OBS WEBUI: User role selector on task list
Buildservice: New
Milestone: 2.9
Priority
Requester: Important
Requested by: Adrian Schröter (adriansuse)
Requested by: Ruediger Oertel (oertel)
Partner organization: openSUSE.org
Description:
OBS Webui shall support filtering open tasks for a user by his workflow role there.
The role is defined via a group for now. Details for planing can be found in this trello card:
https://trello.com/c/H0fZCfFi/319-allow-filtering-of-requests-reviews-and-b…
This request is just for tracking and connecting involved people.
--
openSUSE Feature:
https://features.opensuse.org/323318
Feature added by: Ancor Gonzalez Sosa (ancorgs)
Feature #320873, revision 1
Title: Remove copy_to_system from control.xml and AutoYaST
openSUSE Distribution: New
Priority
Requester: Desirable
Requested by: Ancor Gonzalez Sosa (ancorgs)
Partner organization: openSUSE.org
Description:
In 2006 an generic mechanism to (silently) copy files from an existing filesystem to the system being installed was introduced in YaST as part of the implementation of two different features (fate#120103 and fate#300421). Any information to the user about the files being copied was intentionally left out (see comments in #300421).
In 2008 the list of files was moved to control.xml and the AutoYaST profile (fate#305019). But the documentation and schema for the AutoYaST profile were never updated to reflect the change.
We have received several bug reports and Fate entries about it since then, from incomplete lists of files (bug#956515, bug#956976) to non-intuitive or incomplete behavior (fate#319624, bug#956976) and everything in between.
Starting with yast2-installation 3.1.187 and yast2-users 3.1.49, the original features do not longer need to use "copy_to_system" and the corresponding section is now empty in the control files of both SLE and openSUSE.
I would like to completely drop the "copy_to_system" feature since it's obscure (everything happen behind user's back), problematic (quite some bug reports), not necessary (not longer needed by the originating features) and poorly documented (not even in the AutoYaST schema).
--
openSUSE Feature:
https://features.opensuse.org/320873
Feature added by: Divan Santana (divansantana7)
Feature #310701, revision 1
Title: package byobu in an opensuse repository
openSUSE-11.4: Unconfirmed
Priority
Requester: Important
Requested by: Divan Santana (divansantana7)
Description:
Would be great if anyone using opensuse could zypper in byobu . Unfortunately it's not in any opensuse repo despite it being a great tool for administrating linux servers. I'm quite surprised this isn't already available for opensuse. Would be a nice addition for 11.4
--
openSUSE Feature:
https://features.opensuse.org/310701
Feature added by: Bernhard Wiedemann (bmwiedemann)
Feature #322073, revision 1
Title: yast should not override ip_forward setting
openSUSE Distribution: Unconfirmed
Priority
Requester: Important
Requested by: Bernhard Wiedemann (bmwiedemann)
Partner organization: openSUSE.org
Description:
someone thought, this bugfix qualifies as feature: http://bugzilla.suse.com/show_bug.cgi?id=1010036
Test Case:
echo net.ipv4.ip_forward = 1 > /etc/sysctl.d/50-ip-forward.conf
sysctl --system 2>/dev/null |grep "ip_forward = " net.ipv4.ip_forward = 1
Use Case:
as a system administrator I want to override ip_forward setting in an easily scripted manner by writing my preferred values to /etc/sysctl.d/50-ip-forward.conf
Business case (Partner benefit):
openSUSE.org: manual configuration is deprecated and yast overriding admin's settings should be a thing of the past.
--
openSUSE Feature:
https://features.opensuse.org/322073
Feature added by: Algimantas B (algyzas)
Feature #308445, revision 1
Title: Tor is not working out of box
Package Wishlist: Unconfirmed
Priority
Requester: Neutral
Requested by: Algimantas B (algyzas)
Description:
Let's say I installed tor, it is came alone, without privoxy. One should download it manually. And then if I try
:~> screen torify konqueror
hich: no tsocks in (/home/senis/bin:/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/games:/usr/lib/jvm/jre/bin:/usr/lib/mit/bin:/usr/lib/mit/sbin:.) /usr/bin/torify: Can't find tsocks in PATH. Perhaps you haven't installed it?
[screen is terminating]
There is a guide http://en.opensuse.org/Privoxy_tor_squid how to setup it, I'll try it, but in some other distributions it works out of box like this.
--
openSUSE Feature:
https://features.opensuse.org/308445
Feature added by: Pete Clayson (Olmy)
Feature #309627, revision 1
Title: Enhance 'Safely Remove' to spin-down and power-off usb HDDs
openSUSE-11.3: Unconfirmed
Priority
Requester: Important
Requested by: Pete Clayson (olmy)
Description:
'Safely remove' should (as far as possible) allow for genuine safe removal of all media. Under certain other OSs, the 'safely remove' option on usb devices will... 1/ On usb pen drive with a power/activity led, switch it off (trivial nicety, but reassuring). 2/ On usb HDDs, spin down the disk and power off. This seems more important. There is some discussion about this, for example, http://elliotli.blogspot.com/2009/01/safely-remove-usb-hard-drive-in-linux.… (http://elliotli.blogspot.com/2009/01/safely-remove-usb-hard-drive-in-linux.…) I know that the latest version of Ubuntu does this and there is a script offered in the above link. However, the script, as it stands and run on my installation of OpenSUSE, does not seem to work (in the same way as WinXP or Ubuntu, anyway - my WD600D036 disk does not power off) despite the positive messages in verbose mode. Perhaps this is the CONFIG_USB_SUSPEND option mentioned?
--
openSUSE Feature:
https://features.opensuse.org/309627
Feature added by: Ludwig Nussel (lnussel)
Feature #323785, revision 1
Title: generic translation of pattern-category
Requested by: Ludwig Nussel (lnussel)
Partner organization: openSUSE.org
Description:
pattern packages have special tags for the category, e.g.
pattern-category() = Base%20Technologies
Also, translations are contained directly in the package, ie
pattern-category(de) = Basistechnologien pattern-category(zh_CN) = %E5%9F%BA%E7%A1%80%E6%8A%80%E6%9C%AF
The translations come from a perl script in patterns-rpm-macros: https://build.opensuse.org/package/view_file/openSUSE:Factory/patterns-rpm-…
Ie not via weblate. Also putting localized strings in package metadata is uncommon on (open)SUSE.
So instead of using a custom special method we should use the regular package metadata translation mechanism we also use for summary and description: https://l10n.opensuse.org/projects/packages-i18n/patterns-master/
Furthermore, how about instead of using this extra provides tag, use the rpm group tag, like e.g. Group: patterns/Base Technologies
--
openSUSE Feature:
https://features.opensuse.org/323785