[Pkg-utopia-maintainers] Bug#1087525: Bug#1087525: polkitd: polkit-tmpfiles.conf overrides dpkg-statoverride
Luca Boccassi
bluca at debian.org
Fri Nov 15 01:03:00 GMT 2024
On Fri, 15 Nov 2024 at 00:57, Michael Biebl <biebl at debian.org> wrote:
>
> Am 15.11.24 um 00:29 schrieb Luca Boccassi:
> > On Thu, 14 Nov 2024 at 23:27, Simon McVittie <smcv at debian.org> wrote:
> >>
> >> On Thu, 14 Nov 2024 at 22:47:05 +0000, Luca Boccassi wrote:
> >>> Incidentally, we also have some leftovers handling of /var/lib/polkit-1
> >>> - I think that's no longer necessary as well, given Michael dropped
> >>> pkla support entirely, right?
> >>
> >> In existing installations it might still be the home directory of the
> >> polkitd user (we try to change it to /nonexistent, but we might not be
> >> able to if there's some stray process running as polkitd), and we can't
> >> `rm -r` it because other packages might still own files in there.
> >>
> >> I don't think that necessarily blocks removing all of the leftover
> >> handling of it, but it will need doing a bit carefully.
> >
> > Yeah removing might not be feasible, however we can at least stop
> > creating it, setting the user/groups, etc, right?
>
> I think it's safe (and probably a good idea) to drop
> - set_perms root polkitd 750 /var/lib/polkit-1
> from polkitd.postinst.
>
> I'm not so sure we can easily drop it from polkitd.dirs.
> This would cause dpkg to attempt its removal on upgrades which might not
> be a good idea if the polkitd system user, as Simon explained above,
> could not successfully be updated to the new home directory.
> That said, it's indeed a bit unclean that we still ship the old
> directory in the package.
But we have code to change the old users homedir though, so it's a
fallback for a fallback for a fallback... we should just change it to
assert that the user is correctly configured after trying to change
it, and refuse to continue unless manual action is taken to repair it,
with an explicit error. That way we know that even in the corner case
of a corner case of a corner case, it's safe to drop.
More information about the Pkg-utopia-maintainers
mailing list