From: Thomas Petazzoni via buildroot <buildroot@buildroot.org>
To: Fiona Klute <fiona.klute@gmx.de>
Cc: Adam Duskett <adam.duskett@amarulasolutions.com>,
buildroot@buildroot.org,
Marcus Folkesson <marcus.folkesson@gmail.com>,
Antoine Tenart <atenart@kernel.org>,
Marek Belisko <marek.belisko@open-nandra.com>,
Julien Olivain <ju.o@free.fr>
Subject: Re: [Buildroot] [PATCH 13/13] package/audit: bump version to 4.0.2
Date: Sun, 27 Oct 2024 19:12:07 +0100 [thread overview]
Message-ID: <20241027191207.5a7bb4c6@windsurf> (raw)
In-Reply-To: <75be884f-08ea-432d-86b0-3b3604d25177@gmx.de>
Hello Fiona,
On Sun, 27 Oct 2024 17:45:29 +0100
Fiona Klute <fiona.klute@gmx.de> wrote:
> > This init script is kind of special, as it doesn't really start a
> > service, but does a one-shot action. Could you Cc: the next iteration
> > to Fiona so that she can review the proposal? Or maybe Fiona can even
> > review this first iteration.
>
> I'm not that familiar with SELinux, so I have to ask: Is that rule
> loading something one might want to do independently of starting auditd,
> or is it something that only makes sense if you're using auditd? In the
> latter case I think it should stay part of the auditd init script, just
> like package/openssh/S50sshd runs host key generation if needed. With
> systemd you can define explicit relationships between units, but we
> don't have anything of the kind with Busybox init, and implicit
> dependencies tend to be confusing & error prone.
I don't think it's something that makes sense if you don't start
auditd. I believe the reason to have it in a separate init script was
to mimic how systemd unit files were organized: there is one systemd
unit to load the rules, and one systemd unit file to start auditd.
Whether it makes to mimic this or not can be discussed, but I believe
that's where it comes from.
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering and training
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
next prev parent reply other threads:[~2024-10-27 18:12 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-09-16 15:11 [Buildroot] [PATCH 00/13] selinux-packages: bump to 3.7 Adam Duskett
2024-09-16 15:11 ` [Buildroot] [PATCH 01/13] package/libsepol: bump version " Adam Duskett
2024-09-16 15:11 ` [Buildroot] [PATCH 02/13] package/libsemanage: " Adam Duskett
2024-09-16 15:11 ` [Buildroot] [PATCH 03/13] package/libselinux: " Adam Duskett
2024-09-16 15:11 ` [Buildroot] [PATCH 04/13] package/policycoreutils: " Adam Duskett
2024-09-16 15:11 ` [Buildroot] [PATCH 05/13] package/checkpolicy: " Adam Duskett
2024-09-16 15:11 ` [Buildroot] [PATCH 06/13] package/restorecond: " Adam Duskett
2024-09-16 15:12 ` [Buildroot] [PATCH 07/13] package/semodule-utils: bump to version 3.7 Adam Duskett
2024-09-16 15:12 ` [Buildroot] [PATCH 08/13] package/selinux-python: " Adam Duskett
2024-09-16 15:12 ` [Buildroot] [PATCH 09/13] package/setools: bump version to 4.5.1 Adam Duskett
2024-09-16 15:12 ` [Buildroot] [PATCH 10/13] package/refpolicy: bump version to 2.20240226 Adam Duskett
2024-09-16 15:12 ` [Buildroot] [PATCH 11/13] package/polkit: bump version to 125 Adam Duskett
2024-11-02 22:03 ` Romain Naour via buildroot
2024-09-16 15:12 ` [Buildroot] [PATCH 12/13] package/audit/S02auditd: fix shellcheck and check-package warnings Adam Duskett
2024-10-26 16:09 ` Thomas Petazzoni via buildroot
2024-10-27 22:03 ` Fiona Klute via buildroot
2024-09-16 15:12 ` [Buildroot] [PATCH 13/13] package/audit: bump version to 4.0.2 Adam Duskett
2024-10-26 16:18 ` Thomas Petazzoni via buildroot
2024-10-27 10:06 ` Julien Olivain
2024-10-27 16:45 ` Fiona Klute via buildroot
2024-10-27 18:12 ` Thomas Petazzoni via buildroot [this message]
2024-10-26 16:08 ` [Buildroot] [PATCH 00/13] selinux-packages: bump to 3.7 Thomas Petazzoni via buildroot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241027191207.5a7bb4c6@windsurf \
--to=buildroot@buildroot.org \
--cc=adam.duskett@amarulasolutions.com \
--cc=atenart@kernel.org \
--cc=fiona.klute@gmx.de \
--cc=ju.o@free.fr \
--cc=marcus.folkesson@gmail.com \
--cc=marek.belisko@open-nandra.com \
--cc=thomas.petazzoni@bootlin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox