The SUSE security team restricts the installation of system wide D-Bus services and Polkit policies in openSUSE distributions and derived SUSE products. Any package that ships these features needs to be reviewed by us first, before it can be added to production repositories.
In November, openSUSE KDE packagers approached us with a long list of KDE components for an upcoming KDE6 major release. The packages needed adjusted D-Bus and Polkit whitelistings due to renamed interfaces or other breaking changes. Looking into this many components at once was a unique experience that also led to new insights, which will be discussed in this article.
For readers that are new to D-Bus and/or Polkit, the following sections offer a summary to get a better idea about these systems.
Matthias Gerstner
You don’t get these kinds of in-depth looks at how a major new release like KDE 6 gets implemented in a popular distribution like openSUSE. What’s especially crazy is that this only really covers D-Bus and Polkit, and those are just two of the countless aspects of openSUSE affected by KDE 6.
SuSE, now that is a name i have not heard in a while. I used to use SuSE a lot many years ago, and i loved the YaST CLI system configurator.
I had no idea they were still around outside the german government.
I would try it but the thought alone of ever going back to a rpm based distro and conflict hell sends shivers down my spine.
Yeah SuSE was my distro of choice way back when. It just seemed so polished to others. But, yeah, RPM is a bit tough to swallow these days.
Drunkula,
I agree. SuSE was so much more polished. It was no contest in my view and I tried dozens of distros that came on CD bundles with Linux Format magazine. I’m sure it sounds like I’m being partial but YaST really was miles ahead. Alas, for whatever reason SuSE didn’t win the popularity contest, at least here in the US.
YaST is great, the rest of it s meh. Just tried it in a virtual machine and to be fair, it is well integrated. Not a product i would use though, I much would have prefered to YaST to be available on a more common distro like Void or debian since it is indeed a great tool.
NaGERST,
Well, I don’t demo distros like I used to. I haven’t used SuSE in so many years I can’t really comment on where it’s at today. I do way less distro hopping than I used to, which has virtually nothing to do with their merits. I’ve gotten comfortable with a handful goto distros and I’m not terribly motivated to venture beyond them.
I don’t get the “RPM hate” here, I’ve been administering CentOS (5/6/7, now Alma 8/9) for so long that I may be biased, but I’m also very familiar with Debian derivatives (long time Kubuntu user, now I also administer Debian and Ubuntu at $work).
Dependency/conflict hell in RPM-based distros (at least in the RHEL derivatives) is something I haven’t enconutered in years.
And while in my ~20 years of sysadmin work I had many battles to fix servers/VPSs wit broken packages (usually due to a hard shutdown in the middle of an update, or running out of memory), RPM based systems are so much easier to fix than Debian-derivatives that it’s not funny at all.
I mean, how can dpkg/apt prevent you from uninstalling a package because there’s no space left in the filesystem?
Which is the problem you’re trying to fix in the first place, because Deb systems “helpfully” don’t remove older kernels, and with automatic updates enabled, if you don’t keep an eye on them you can end up with dozens of old kernels occupying space unnecesarily.
The 2 last paragraphs (“I mean…”) should be surrounded by “rant” and “/rant” tags, that the comments system swallowed