Bug#688080: unblock: tomoyo-tools/2.5.0-2012-0414-10
Hi,
(disclaimer: I'm not a member of the release team.)
Hideki Yamane wrote (16 Oct 2012 20:03:34 GMT) :
> On Fri, 12 Oct 2012 23:45:14 +0100
> "Adam D. Barratt" <adam@adam-barratt.org.uk> wrote:
>> > +To enable Tomoyo as the MAC security, please specify parameter to
>> > the kernel.
>> > +By default, it will be done by package.
>>
>> That doesn't appear to be accurate, given:
>>
>> > +Template: tomoyo-tools/grub
>> > +Type: boolean
>> > +Default: false
>> > +_Description: Enable TOMOYO Linux at boot time?
> Well, users just answer "yes" with debconf, I mean.
I believe that Adam means that in the "By default, it will be done by
package" sentence introduced by the proposed change, the *By default*
part is not matched by the actual implementation. After a glance at
the diff, I can only concur: doing something by default is quite
different from doing it iff. the user chooses a non-default answer to
a medium-priority debconf question.
Anyhow, the current implementation looks incomplete and quite fragile
to me:
> + if [ $RET = true ]; then
> + sed -e s/^GRUB_CMDLINE_LINUX=\"\"/GRUB_CMDLINE_LINUX=\"security=tomoyo\"/ \
> + -i /etc/default/grub && update-grub
> + elif [ $RET = false ]; then
> + sed -e s/^GRUB_CMDLINE_LINUX=\"security=tomoyo\"/^GRUB_CMDLINE_LINUX=\"\"/ \
> + -i /etc/default/grub && update-grub
> + fi
Unless I'm mistaken, this code:
* basically assumes it's the only one to manage GRUB_CMDLINE_LINUX,
which is untrue: grub-pc maintainer scripts manage
/etc/default/grub with ucf
* assumes GRUB_CMDLINE_LINUX is initially empty, which may not be the
case
* does not support removing security=tomoyo in case other settings
where added by the administrator (same in tomoyo-tools.postrm)
(FTR, this kind of difficulties are why I did not introduce a similar
semi-automatic enabling feature in the AppArmor package yet.)
I think bugs should be filed against the version in unstable to track
this issues.
Once they are fixed, then an additional issue will arise: the code
should also make sure only one security= parameter is passed to Linux.
Therefore, I don't think the proposed update is suitable for testing
at this time of the Wheezy release process. I recommend the release
team rejects this request.
Anyway, it would be awesome if the code and comments were fixed in
unstable at some point. Unfortunately, I guess that will be too late
for Wheezy.
> Users should check package's README.Debian and modify
> /etc/default/grub and run update-grub by hand if it's not
> introduced this change. For better user friendly package, I want it
> put to Wheezy.
I appreciate your concern about usability.
Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
Reply to: