Moin Marcus!
Marcus Meissner schrieb am Montag, den 14. M?rz 2011:
On Mon, Mar 14, 2011 at 07:57:31PM +0300, Ilya Chernykh wrote:
On Monday 14 March 2011 19:52:15 R. Tyler Croy wrote:
wicd.x86_64: E: suse-dbus-unauthorized-service (Badness: 10000) /etc/dbus-1/system.d/wicd.conf The package installs a DBUS system service file. If the package is intended for inclusion in any SUSE product please open a bug report to request review of the service by the security team.
What confuses me about this is that wicd was already packaged at one point for 11.3, so I don't understand why I'm getting this badness now.
Aside from that, I can open a bug report with the SUSE security team, but is there anything I can do on `osc build` to side-step that check and get a testable package in a repo on build.opensuse.org?
Add to the source a text file with name wicd-rpmlintrc with the following content:
addFilter("suse-dbus-unauthorized-service")
Then add this file as source:
Source99: wicd-rpmlintrc Dont, set the badness down to 0 instead.
In order to get the package *testable* I had to add that rpmlint hack, which I would very much like to remove, following a proper audit by the SUSE Security team.
I've filed this ticket:<https://bugzilla.novell.com/show_bug.cgi?id=681125>
Which I'm not sure is correct.
This page <http://en.opensuse.org/openSUSE:Security_packaging_policy#DBus_Services> references *nothing* useful for creating a good audit request in Bugzilla, and neither does the output of rpmlint. Perhaps this should be changed by somebody with a greater clue than I? :)
- R. Tyler Croy -------------------------------------- Code: http://github.com/rtyler Chatter: http://identi.ca/agentdero http://twitter.com/agentdero I would have done the same thing so if it doesn't exist yet, this should be the right channel for a security review and the reviewers watch
On 03/21/2011 12:11 AM, R. Tyler Croy wrote: this list. If there's no action try the factory list. I have a package (bacula) that needs a security review before I think of submitting to factory so I'm interested in the outcome of this. Regards Dave P -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-packaging+help@opensuse.org