On Thu, 02 Feb 2023 16:19:10 +0100 Per Jessen <per@jessen.ch> wrote:
Dave Howorth wrote:
[snip of evidence showing that actually is the case]
Is it just me or does that seem like a complication too far to everybody else? An unexpected failure of a well-known longstanding sevice with a totally unexpected and difficult to find reason,
The lack of some error messages does seem ... hmm, disappointing.
and all to what purpose? It doesn't stop bad actors accessing the modules in some other way. What were the systemd people smoking?
I don't think systemd is to blame (other than for providing the features), I think it is SUSE / ourselves:
https://en.opensuse.org/openSUSE:Security_Features -> Systemd hardening effort
Yes, my apologies to the systemd folks. Somewhat of a sledgehammer approach by the opensuse folks. Move fast and break things, I suppose :( It seems like adding a comment to https://bugzilla.suse.com/show_bug.cgi?id=1181400 pointing out that it breaks locate would be the right thing to do.