Thanks for the review of the system.d changes. Let's actually break this list up into 3 separate parts:
1) Services broken by the new security policy (e.g. the original PolicyKit.conf could never have worked in a default-deny world)
2) Services which use <deny send_interface/> without also specifying send_destination. These break no-interface requests from scripting languages.
3) Cleanup
Suggest we focus on these in order. I've created tracking bugs:
Thanks for the review of the system.d changes. Let's actually break this list up into 3 separate parts:
1) Services broken by the new security policy (e.g. the original PolicyKit.conf could never have worked in a default-deny world)
2) Services which use <deny send_interface/> without also specifying send_destination. These break no-interface requests from scripting languages.
3) Cleanup
Suggest we focus on these in order. I've created tracking bugs:
Broken: https:/ /bugs.freedeskt op.org/ show_bug. cgi?id= 18980 /bugs.freedeskt op.org/ show_bug. cgi?id= 18961
Deny send_interface: https:/
Cleanup: (We'll do this later)