May 2020 - YaST Development - openSUSE Mailing Lists

[yast-devel] XML Schema Meeting Conclusion
by josef Reidinger 04 May '20

04 May '20

Hi, today we had meeting about changes in xml schema and also we revisit some topics in XML parser. Here are conclusions we reach ( do not hesitate to opposite or add anything I miss or forget ): - allow in schema types everywhere. Current situation is that type string and map is forbidden and rest is mandatory. So newly string and map can be optionally specified in XML. - allow for backward compatibility type disksize and fallback to string as before. This needs modification in xml parser and also in schema allow beside disksize also string type for given types. - if no type is specified, use string type ( for backward compatibility it still use hash when there are no value and sub elements ). This simplify situation with implicit type and also helps a lot with backward compatibility. - when exporting ( aka serializing data ) it won't write type string to make xml smaller as it is now default type. On other hand, map is always written down, so if user edit XML and remove sub elements, it won't be considered as empty string. - martin propose to have alternative with `t=<type>` syntax as shortcut to `config:type=<type>` and use it by default. Idea looks good for all participants. Martin plan to introduce it for discussion. - no modification of skelcd will be needed due to changes mentioned above even in post install script of yast2.rpm - For autoyast profile, we should still work with old profiles. It needs testing if we do not export anywhere empty hash, which in past will be skipped, but newly it will be empty string. Josef -- To unsubscribe, e-mail: yast-devel+unsubscribe(a)opensuse.org To contact the owner, e-mail: yast-devel+owner(a)opensuse.org

1 0

[yast-devel] Upcoming changes in AppArmor aa-status output
by Christian Boltz 04 May '20

04 May '20

Hello, AFAIK the YaST AppArmor module uses the JSON output of aa-status. There are two upcoming changes, and I'd like to point them out so that you can adjust the YaST AppArmor module if needed. a) new profile modes Besides complain and enforce mode, future AppArmor versions (>= 3.0) will also have `unconfined`, `mixed` and `kill`. Technically the structure of the JSON doesn't change, but there will be new values for the status, for example "processes": { "/usr/lib/GConf/2/gconfd-2": [ { "pid": "3899", "profile": "/usr/lib/GConf/2/gconfd-2", "status": "kill" } ] } "profiles": { "/does/not/exist": "kill" } Side question: Do you think this warrants increasing the JSON version number? Quick explanation about the new modes: - unconfined: similar to not having a profile, but when using an unconfined profile, it's possible to replace it with a "real" profile later, so that programs initially running under an unconfined profile get a profile in enforce mode - kill: similar to enforce, but on profile violations, the process will be killed instead of "just" getting EPERM - mixed: when using stacked profiles, this indicates that a program is for example using a stack of two profiles, one in complain and one in enforce mode. (This also means you'll see "mixed" only in aa-status output, but never in a profile's "flags=(...)".) (Extending the aa-* tools to support switching to kill and unconfined mode is still on my TODO list.) b) whitespace changes aa-status was rewritten to C, which results in changed whitespace in the --json output. Currently --pretty-json also results in "compressed" JSON, but I hope that this will change again in the future. I'd guess/hope that whitespace changes shouldn't matter, but please check nevertheless. Currently the new aa-status is only available in upstream git master. If it makes testing easier for you, I can provide the compiled binary or some example output. Regards, Christian Boltz -- Es kann dadurch , daß der Rechner ( wenn er an Trenn - zeichen umbricht [Ratti erklärt ) die falschen Stellen den Begriff erwischt , zu ganz gräß "Plenken" - lichen Effekten kommen in suse-linux] ! -- To unsubscribe, e-mail: yast-devel+unsubscribe(a)opensuse.org To contact the owner, e-mail: yast-devel+owner(a)opensuse.org

2 1

[yast-devel] Pending Pull Requests
by yast-ci＠opensuse.org 04 May '20

04 May '20

This email is automatic generated from yast CI node. It lists of pull requests that have no activity more then three working days. If your module is listed, please check all pull request, why they are not merged yet. Pending requests in repository yast-apparmor: - Port to rake (324 days) https://github.com/yast/yast-apparmor/pull/40 Pending requests in repository yast-bootloader: - Fix resume with uuid partition (291 days) https://github.com/yast/yast-bootloader/pull/564 Pending requests in repository yast-core: - Fixes for gensalt handling with libxcrypt. (66 days) https://github.com/yast/yast-core/pull/144 Pending requests in repository yast-country: - Port to rake (291 days) https://github.com/yast/yast-country/pull/217 Pending requests in repository yast-devtools: - Y2logs analyzer (68 days) https://github.com/yast/yast-devtools/pull/149 - Supplement changes from YCC (96 days) https://github.com/yast/yast-devtools/pull/148 - Move desktop files (329 days) https://github.com/yast/yast-devtools/pull/143 Pending requests in repository yast-installation: - Stop plymouth splash to avoid serial terminal splutter. (52 days) https://github.com/yast/yast-installation/pull/841 - Demo: eager mode of zombie-killer 0.5 (542 days) https://github.com/yast/yast-installation/pull/761 Pending requests in repository yast-iscsi-lio-server: - Write service after save sp1 (9 days) https://github.com/yast/yast-iscsi-lio-server/pull/104 Pending requests in repository yast-network: - network-ng: test cases document (draft) (164 days) https://github.com/yast/yast-network/pull/947 - add initial test cases document (290 days) https://github.com/yast/yast-network/pull/853 Pending requests in repository yast-nis-client: - fix build requires (55 days) https://github.com/yast/yast-nis-client/pull/47 Pending requests in repository yast-online-update-configuration: - drop old testsuite and convert to rake (38 days) https://github.com/yast/yast-online-update-configuration/pull/24 Pending requests in repository yast-packager: - Include some hints in the "Priority" label (bsc#1154693) (33 days) https://github.com/yast/yast-packager/pull/482 Pending requests in repository yast-pkg-bindings: - drop old empty testsuite (38 days) https://github.com/yast/yast-pkg-bindings/pull/127 Pending requests in repository yast-registration: - [SP3] Fix misleading default_skipping_text (BSC#1167795) (31 days) https://github.com/yast/yast-registration/pull/488 Pending requests in repository yast-squid: - packaging: remove SuSEfirewall2 artifacts (282 days) https://github.com/yast/yast-squid/pull/30 Pending requests in repository yast-sudo: - WIP: Add a CFA model for handling the sudoers file (125 days) https://github.com/yast/yast-sudo/pull/12 Pending requests in repository yast-sysconfig: - Drop old testsuite (37 days) https://github.com/yast/yast-sysconfig/pull/30 Pending requests in repository yast-users: - Improve readme (88 days) https://github.com/yast/yast-users/pull/224 - Move back the UMASK default value to /etc/login.defs (bsc#1099153) (669 days) https://github.com/yast/yast-users/pull/161 ERROR: API query limit exceeded -- To unsubscribe, e-mail: yast-devel+unsubscribe(a)opensuse.org To contact the owner, e-mail: yast-devel+owner(a)opensuse.org

1 0