Bug#825465: boinc-client: wrong SE Linux contest on /var/lib/boinc-client

Gianfranco Costamagna locutusofborg at debian.org
Fri May 27 08:02:38 UTC 2016 

control: tags -1 +patch +pending

Hi Russel, can you please double check this commit?
http://anonscm.debian.org/cgit/pkg-boinc/boinc.git/commit/?id=eadea7655ef601fe57f79281b0de49d48f23ddbf

thanks,

G.




Il Venerdì 27 Maggio 2016 3:42, Russell Coker <russell at coker.com.au> ha scritto:
Package: boinc-client
Version: 7.4.23+dfsg-1
Severity: normal

After installing boinc-client the directory /var/lib/boinc-client has the wrong SE
Linux context.  There are 2 ways of fixing this.  One way is to include that
directory in the package which means that dpkg will assign the correct context to it.
The other way is to have something like the following in the postinst:

[ -x /sbin/restorecon ] && /sbin/restorecon $BOINC_DIR

As an aside instead of using the following to make a directory you could use
"mkdir -p".

mkdir $BOINC_DIR 2>/dev/null || true

-- Package-specific info:
-- Contents of /etc/default/boinc-client:
# This file is /etc/default/boinc-client, it is a configuration file for the
# /etc/init.d/boinc-client init script.

# Set this to 1 to enable and to 0 to disable the init script.
ENABLED="1"

# Set this to 1 to enable advanced scheduling of the BOINC core client and
# all its sub-processes (reduces the impact of BOINC on the system's
# performance).
SCHEDULE="1"

# The BOINC core client will be started with the permissions of this user.
BOINC_USER="boinc"

# This is the data directory of the BOINC core client.
BOINC_DIR="/var/lib/boinc-client"

# This is the location of the BOINC core client, that the init script uses.
# If you do not want to use the client program provided by the boinc-client
# package, you can specify here an alternative client program.
#BOINC_CLIENT="/usr/local/bin/boinc"
BOINC_CLIENT="/usr/bin/boinc"

# Here you can specify additional options to pass to the BOINC core client.
# Type 'boinc --help' or 'man boinc' for a full summary of allowed options.
#BOINC_OPTS="--allow_remote_gui_rpc"
BOINC_OPTS=""

# Scheduling options

# Set SCHEDULE="0" if prefering to run with upstream default priority
# settings.

# Nice levels. When systems are truly busy, e.g. because of too many active
# scientific applications started by the boinc client, there is a chance for
# the boinc client not to be granted sufficient opportunity to check for
# scientific applications to be alive and make the (wrong) decision to
# terminate the scientific app. This is particularly an issue with many
# apps started in parallel on modern multi-core systems and extra overheads
# for the download and uploads of files with the project servers. Another
# concern is the latency for scientific applications to communicate with the
# graphics card, which should be low. All such values should be set and
# controled from within the BOINC client. The Debian init script also sets
# extra constrains via chrt on real time performance and via ionice on 
# I/O performance, which is beyond the regular BOINC client. It then was
# too easy to use that code to also constrain minimal nice levels. We still
# think about how to best distinguish GPU applications from regular apps.
BOINC_NICE_CLIENT=10
BOINC_NICE_APP_DEFAULT=19
#BOINC_NICE_APP_GPU=5        # not yet used

# ionice classes. See manpage of ionice (1) in the util-linux package.
BOINC_IONICE_CLIENT=3        # idle
#BOINC_IONICE_APP_DEFAULT=3  # idle, not yet used
#BOINC_IONICE_APP_GPU=2      # best effort, not yet used


-- System Information:
Debian Release: 8.4
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages boinc-client depends on:
ii  adduser                3.113+nmu3
ii  ca-certificates        20141019+deb8u1
ii  debconf [debconf-2.0]  1.5.56
ii  libboinc7              7.4.23+dfsg-1
ii  libc6                  2.19-18+deb8u4
ii  libcurl3               7.38.0-4+deb8u3
ii  libgcc1                1:4.9.2-10
ii  libstdc++6             4.9.2-10
ii  python                 2.7.9-1
ii  zlib1g                 1:1.2.8.dfsg-2+b1

boinc-client recommends no packages.

Versions of packages boinc-client suggests:
pn  boinc-amd-opencl   <none>
pn  boinc-manager      <none>
pn  boinc-nvidia-cuda  <none>
ii  x11-xserver-utils  7.7+3+b1

-- debconf information:
  boinc-client/remove_boinc_dir: true

More information about the pkg-boinc-devel mailing list