Bugzilla – Bug 1220852
AUDIT-WHITELIST: cinnamon-settings-daemon: whitelist wacom.wacom-led-helper and wacom.wacom-oled-helper
Last modified: 2024-03-27 11:03:54 UTC
Hi Security team, We're aiming to bring newer cinnamon into Leap 15.6, cinnamon-settings-daemon has two polkit-unauthorized-privilege issues[1]: cinnamon-settings-daemon.x86_64: E: polkit-unauthorized-privilege (Badness: 10000) org.cinnamon.settings-daemon.plugins.wacom.wacom-led-helper (no:no:yes) cinnamon-settings-daemon.x86_64: E: polkit-unauthorized-privilege (Badness: 10000) org.cinnamon.settings-daemon.plugins.wacom.wacom-oled-helper (no:no:yes) Could you please review and whitelist these two operations, and update polkit-default-privs to *SLE15*? I think the target should be SLE-15-SP6 codestream. I supposed the same whitelist has been accepted on github and Tumbleweed via https://github.com/openSUSE/polkit-default-privs/pull/46 and https://github.com/openSUSE/polkit-default-privs/pull/100 [1] https://build.opensuse.org/package/live_build_log/home:mlin7442:rebuild_fails_156:cinnamon/cinnamon-settings-daemon/openSUSE_Leap_15.6/x86_64 , Cinnamon devel project doesn't enable leap15 build thus I use this project for the build verification.
Thank you for bringing this issue to our attention. We will schedule it in our team shortly.
Yes we already reviewed these components for Tumbleweed. Backporting the whitelist to Leap will take some time since the SLE maintenance process for rpmlint needs to be followed. We will start this process.
I'm backporting the whitelist into SLE-15-SP6.
The previous reviews for Tumbleweed happened in bug 1186845 and bug 1217532 respectively.
This is now in SLE-15-SP6:GA/polkit-default-privs. Closing as fixed.