I got a warning from OBS (opensuse build service) smb4k.x86_64: W: dbus-policy-missing-allow /etc/dbus-1/system.d/org.kde.smb4k.mounthelper.conf does not allow communication every dbus config normally needs a line of the form <allow send_destination="org.foo.bar"/> or similar. If that is missing the service will not work with a dbus that uses deny as default policy and some other warnings [ 91s] smb4k.x86_64: W: polkit-unauthorized-privilege org.kde.smb4k.mounthelper.mount (??:no:yes) [ 91s] smb4k.x86_64: W: polkit-unauthorized-privilege org.kde.smb4k.mounthelper.unmount (??:no:yes) [ 91s] The package allows unprivileged users to carry out privileged operations [ 91s] without authentication. This could cause security problems if not done [ 91s] carefully. If the package is intended for inclusion in any SUSE product please [ 91s] open a bug report to request review of the package by the security team [ 91s] [ 91s] smb4k.x86_64: I: polkit-cant-acquire-privilege org.kde.smb4k.mounthelper.mount (??:no:yes) [ 91s] smb4k.x86_64: I: polkit-cant-acquire-privilege org.kde.smb4k.mounthelper.unmount (??:no:yes) [ 91s] Usability can be improved by allowing users to acquire privileges via [ 91s] authentication. Use e.g. 'auth_admin' instead of 'no' and make sure to define [ 91s] 'allow_any'. This is an issue only if the privilege is not listed in /etc [ 91s] /polkit-default-privs.*
For the first warning ´dbus-policy-missing-allow´ I add this line after ´<policy user="root">´ : <allow send_destination="org.kde.smb4k.mounthelper"/>
Since the policy file is generate automatically, I assume this is an issue for upstream.
The following report was filed against Smb4K. Since the DBUS policy file is generated automatically, I guess this is an issue that should be taken care of here.
I do not know about DBUS policy. These are just warnings from OBS.
How would one test this? Or I guess specifically: how would one make dbus use "deny as default policy"?
Dear Bug Submitter, This bug has been in NEEDSINFO status with no change for at least 15 days. Please provide the requested information as soon as possible and set the bug status as REPORTED. Due to regular bug tracker maintenance, if the bug is still in NEEDSINFO status with no change in 30 days the bug will be closed as RESOLVED > WORKSFORME due to lack of needed information. For more information about our bug triaging procedures please read the wiki located here: https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging If you have already provided the requested information, please mark the bug as REPORTED so that the KDE team knows that the bug is ready to be confirmed. Thank you for helping us make KDE software even better for everyone!
This bug has been in NEEDSINFO status with no change for at least 30 days. The bug is now closed as RESOLVED > WORKSFORME due to lack of needed information. For more information about our bug triaging procedures please read the wiki located here: https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging Thank you for helping us make KDE software even better for everyone!