[Pkg-libvirt-maintainers] Bug#768376: Bug#768376: Bug#768376: Bug#768376: libvirt-daemon-system: Please downgrade policykit-1 dependency to recommends
Guido Günther
agx at sigxcpu.org
Fri Nov 7 20:17:34 UTC 2014
Hi Reco,
On Fri, Nov 07, 2014 at 06:49:43PM +0300, Reco wrote:
> On Fri, 7 Nov 2014 13:00:03 +0100
> Guido Günther <agx at sigxcpu.org> wrote:
>
> > And what about /lib/systemd/system/libvirtd.socket ?
>
> A good point. That's something I missed due to not using systemd in
> wheezy.
>
>
> > I'm happy to apply patches that improve the situation (either code
> > wise or documentation wise) but until the I'd rather not turn this
> > into a recommends.
>
> Attaching a documentation patch for now. Should apply cleanly against
> 1.2.9-3~bpo70+1 Debian source. I took the liberty of reusing your name
> in the NEWS file as I don't intend to disclose mine. I also transfer
> an authorship of this patch and all appropriate rights to the Debian
> Libvirt Maintainers.
>
> Reco
> diff --git a/debian/libvirt-daemon.NEWS b/debian/libvirt-daemon.NEWS
> index 59bdd40..d7a23ac 100644
> --- a/debian/libvirt-daemon.NEWS
> +++ b/debian/libvirt-daemon.NEWS
> @@ -1,3 +1,12 @@
> +libvirt (1.2.9-3~) unstable; urgency=low
> +
> + From this version upon libvirtd uses PolicyKit to protect own sockets at
> + /var/run/libvirt by default. Reverting to the old behaviour (libvirtd's
> + sockets are protected by filesystem's permissions) requires editing of
> + /etc/libvirt/libvirtd.conf and overriding libvirtd.socket.
> +
> + -- Guido G??nther <agx at sigxcpu.org> Sun, 07 Dec 2014 18:45:55 +0100
> +
Thanks for the path but we have this in libvirt-daemon-system.NEWS
already - and that's the package that depends on systemd. We rather
need an update to README.Debian of libvirt-daemon-system explaining
how to _exactly_ configure socket based security.
Cheers,
-- Guido
More information about the Pkg-libvirt-maintainers
mailing list