Bug 89231

Summary: <apparmor/> in default session.conf, system.conf breaks reload of existing dbus-daemon
Product: dbus Reporter: Simon McVittie <smcv>
Component: coreAssignee: Simon McVittie <smcv>
Status: RESOLVED FIXED QA Contact: D-Bus Maintainers <dbus>
Severity: normal    
Priority: medium CC: tyhicks
Version: git masterKeywords: patch
Hardware: Other   
OS: All   
Whiteboard: review+
i915 platform: i915 features:
Attachments: Remove <apparmor/> from default system.conf, session.conf

Description Simon McVittie 2015-02-19 15:54:44 UTC 
Created attachment 113668 [details] [review]
Remove <apparmor/> from default system.conf, session.conf

The AppArmor and SELinux modes both default to "enabled" (i.e.
enable it if and only if it is supported), so there is no need to
add their element to system.conf unless a system integrator wants
to set them to either required or disabled.

However, if we add <apparmor/> on upgrade from 1.9.10 to 1.9.12,
any subsequent attempts to reload bus configuration before the
next reboot will fail, because the dbus-daemon that is already
running does not support that element.
Comment 1 Simon McVittie 2015-02-19 15:57:05 UTC 
This situation would be unavoidable if we added new syntax that we needed to use straight away, but in this case there's no value other than making the file a little more self-documenting.

Anyone contemplating changing LSM support settings should know enough to read the man page, or preferably, the source code :-)
Comment 2 Tyler Hicks 2015-02-19 16:25:23 UTC 
Comment on attachment 113668 [details] [review]
Remove <apparmor/> from default system.conf, session.conf

Review of attachment 113668 [details] [review]:
-----------------------------------------------------------------

This makes sense to me.
Comment 3 Simon McVittie 2015-02-19 16:46:57 UTC 
Fixed in git for 1.9.14, thanks

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.