From: Thomas Petazzoni via buildroot <buildroot@buildroot.org>
To: Fiona Klute <fiona.klute@gmx.de>
Cc: Adam Duskett <adam.duskett@amarulasolutions.com>,
buildroot@buildroot.org,
Marcus Folkesson <marcus.folkesson@gmail.com>,
Antoine Tenart <atenart@kernel.org>,
Marek Belisko <marek.belisko@open-nandra.com>,
Julien Olivain <ju.o@free.fr>
Subject: Re: [Buildroot] [PATCH 13/13] package/audit: bump version to 4.0.2
Date: Sun, 27 Oct 2024 19:12:07 +0100 [thread overview]
Message-ID: <20241027191207.5a7bb4c6@windsurf> (raw)
In-Reply-To: <75be884f-08ea-432d-86b0-3b3604d25177@gmx.de>
Hello Fiona,
On Sun, 27 Oct 2024 17:45:29 +0100
Fiona Klute <fiona.klute@gmx.de> wrote:
> > This init script is kind of special, as it doesn't really start a
> > service, but does a one-shot action. Could you Cc: the next iteration
> > to Fiona so that she can review the proposal? Or maybe Fiona can even
> > review this first iteration.
>
> I'm not that familiar with SELinux, so I have to ask: Is that rule
> loading something one might want to do independently of starting auditd,
> or is it something that only makes sense if you're using auditd? In the
> latter case I think it should stay part of the auditd init script, just
> like package/openssh/S50sshd runs host key generation if needed. With
> systemd you can define explicit relationships between units, but we
> don't have anything of the kind with Busybox init, and implicit
> dependencies tend to be confusing & error prone.
I don't think it's something that makes sense if you don't start
auditd. I believe the reason to have it in a separate init script was
to mimic how systemd unit files were organized: there is one systemd
unit to load the rules, and one systemd unit file to start auditd.
Whether it makes to mimic this or not can be discussed, but I believe
that's where it comes from.
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering and training
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
next prev parent reply other threads:[~2024-10-27 18:12 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-09-16 15:11 [Buildroot] [PATCH 00/13] selinux-packages: bump to 3.7 Adam Duskett
2024-09-16 15:11 ` [Buildroot] [PATCH 01/13] package/libsepol: bump version " Adam Duskett
2024-09-16 15:11 ` [Buildroot] [PATCH 02/13] package/libsemanage: " Adam Duskett
2024-09-16 15:11 ` [Buildroot] [PATCH 03/13] package/libselinux: " Adam Duskett
2024-09-16 15:11 ` [Buildroot] [PATCH 04/13] package/policycoreutils: " Adam Duskett
2024-09-16 15:11 ` [Buildroot] [PATCH 05/13] package/checkpolicy: " Adam Duskett
2024-09-16 15:11 ` [Buildroot] [PATCH 06/13] package/restorecond: " Adam Duskett
2024-09-16 15:12 ` [Buildroot] [PATCH 07/13] package/semodule-utils: bump to version 3.7 Adam Duskett
2024-09-16 15:12 ` [Buildroot] [PATCH 08/13] package/selinux-python: " Adam Duskett
2024-09-16 15:12 ` [Buildroot] [PATCH 09/13] package/setools: bump version to 4.5.1 Adam Duskett
2024-09-16 15:12 ` [Buildroot] [PATCH 10/13] package/refpolicy: bump version to 2.20240226 Adam Duskett
2024-09-16 15:12 ` [Buildroot] [PATCH 11/13] package/polkit: bump version to 125 Adam Duskett
2024-11-02 22:03 ` Romain Naour via buildroot
2024-09-16 15:12 ` [Buildroot] [PATCH 12/13] package/audit/S02auditd: fix shellcheck and check-package warnings Adam Duskett
2024-10-26 16:09 ` Thomas Petazzoni via buildroot
2024-10-27 22:03 ` Fiona Klute via buildroot
2024-09-16 15:12 ` [Buildroot] [PATCH 13/13] package/audit: bump version to 4.0.2 Adam Duskett
2024-10-26 16:18 ` Thomas Petazzoni via buildroot
2024-10-27 10:06 ` Julien Olivain
2024-10-27 16:45 ` Fiona Klute via buildroot
2024-10-27 18:12 ` Thomas Petazzoni via buildroot [this message]
2024-10-26 16:08 ` [Buildroot] [PATCH 00/13] selinux-packages: bump to 3.7 Thomas Petazzoni via buildroot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241027191207.5a7bb4c6@windsurf \
--to=buildroot@buildroot.org \
--cc=adam.duskett@amarulasolutions.com \
--cc=atenart@kernel.org \
--cc=fiona.klute@gmx.de \
--cc=ju.o@free.fr \
--cc=marcus.folkesson@gmail.com \
--cc=marek.belisko@open-nandra.com \
--cc=thomas.petazzoni@bootlin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.