Page MenuHomeSolus
Create Task
Maniphest T1612

Systemd-manager
Closed, InvalidPublic
Actions

Assigned To
None
Authored By
hjajet
Nov 17 2016, 12:46 PM
Tags
Referenced Files
F8221: 0003-Enable-networking.patch
Dec 9 2016, 4:56 PM
F7866: 0002-Some-formal-fixes.patch
Nov 23 2016, 4:36 PM
F7658: 0001-Initial-commit-of-systemd-manager.patch
Nov 17 2016, 12:46 PM
Subscribers
hjajet
ikey
Triage Team
Tokens
"Love" token, awarded by Unknown Object (User).

Description

Initial patch for Systemd-manager.

0001-Initial-commit-of-systemd-manager.patch20 KBDownload

Currently there is still security risk, because current cargo version doesn't verify checksums.
Cargo verify checksums starting with version 0.13, so once updated it would be safe to use cargo packages.

Related Objects
Search...

StatusSubtypeAssignedTask
 WontfixJoshStroblT24 Systemd-manager
 InvalidNoneT1612 Systemd-manager

Event Timeline

hjajet created this task.Nov 17 2016, 12:46 PM
hjajet mentioned this in T24: Systemd-manager.Nov 17 2016, 12:53 PM
JoshStrobl raised the priority of this task from Wishlist to Needs Triage.Nov 17 2016, 12:58 PM
JoshStrobl changed the edit policy from "All Users" to "Triage Team (Project)".
JoshStrobl removed subscribers: PhnxRbrn, ikey, JoshStrobl.
JoshStrobl triaged this task as Normal priority.Nov 23 2016, 2:58 AM
JoshStrobl moved this task from Backlog to Ready For Merge on the Patch Submission board.

git|https://github.com/mmstick/systemd-manager.git : a83a102ef918d0499a02da6a69ef113b7c82a160 needs to be changed to git|https://github.com/mmstick/systemd-manager.git : 1.0.0

+license     :
+    - GPL-3.0

Can be changed to license : GPL-3.0

JoshStrobl moved this task from Ready For Merge to Awaiting Fixes on the Patch Submission board.Nov 23 2016, 4:13 AM
hjajet added a comment.Nov 23 2016, 4:36 PM

Ok, updated:

0002-Some-formal-fixes.patch1 KBDownload

ikey added a comment.Nov 23 2016, 4:36 PM

Currently there is still security risk, because current cargo version doesn't verify checksums.

So why is it being merged then?

hjajet added a comment.Nov 24 2016, 6:16 AM

Once T1718: Update Cargo to 0.13.0 is merged there is no security risk.
This patches should not be merged before.

hjajet added a subscriber: ikey.Dec 3 2016, 5:57 PM

Cargo is 0.13.0 now, so there should not be any security risk.
Only problem may be that dependencies are downloaded during setup.
@ikey Is it OK to package cargo-based projects by this way?

hjajet added a comment.Dec 9 2016, 4:56 PM

Patch to make it build with solbuild.

0003-Enable-networking.patch1 KBDownload

Unknown Object (User) awarded a token.Mar 9 2017, 11:03 AM
joebonrichie mentioned this in D511: systemd-manager: initial inclusion.Jun 27 2017, 12:06 AM
DataDrake closed this task as Invalid.Mar 15 2018, 3:50 PM
Herald edited projects, added Legacy Patch Upload No Longer Supported; removed Patch Submission. · View Herald TranscriptMar 15 2018, 3:50 PM
Copyright © 2015-2021 Solus Project. The Solus logo is Copyright © 2016-2021 Solus Project. All Rights Reserved.