Your message dated Wed, 27 Jan 2021 09:20:34 +0000
with message-id <[email protected]>
and subject line Bug#955254: fixed in matrix-synapse 1.25.0-2
has caused the Debian Bug report #955254,
regarding matrix-synapse: add systemd sandboxing options to service file
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
955254: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955254
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: matrix-synapse
Version: 1.11.1-1
Severity: wishlist
Dear Maintainer,
In FreedomBox, we have added these sandboxing options:
[Service]
ConfigurationDirectory=matrix-synapse
LockPersonality=yes
LogsDirectory=matrix-synapse
NoNewPrivileges=yes
PrivateDevices=yes
PrivateTmp=yes
ProtectControlGroups=yes
ProtectHome=yes
ProtectKernelLogs=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
ProtectSystem=strict
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictRealtime=yes
StateDirectory=matrix-synapse
SystemCallArchitectures=native
Please consider adding any of these to the service file included in the package.
-- System Information:
Debian Release: bullseye/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 5.4.0-3-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages matrix-synapse depends on:
ii adduser 3.118
ii debconf [debconf-2.0] 1.5.73
ii libjs-jquery 3.3.1~dfsg-3
ii libpython3-stdlib 3.8.2-2
ii lsb-base 11.1.0
ii python3 3.8.2-2
ii python3-attr 19.3.0-2
ii python3-bcrypt 3.1.7-2+b1
ii python3-bleach 3.1.3-1
ii python3-canonicaljson 1.1.4-3
ii python3-daemonize 2.4.7-4
ii python3-distutils 3.8.2-2
ii python3-frozendict 1.2-2
ii python3-idna 2.8-1
ii python3-jinja2 2.10.1-2
ii python3-jsonschema 3.0.2-4
ii python3-lxml 4.5.0-1
ii python3-msgpack 0.6.2-1
ii python3-nacl 1.3.0-5
ii python3-netaddr 0.7.19-4
ii python3-openssl 19.0.0-1
ii python3-phonenumbers 8.9.10-2
ii python3-pil 6.2.1-2+b1
ii python3-prometheus-client 0.7.1-1.1
ii python3-pyasn1 0.4.2-3
ii python3-pyasn1-modules 0.2.1-0.2
ii python3-pymacaroons 0.13.0-3
ii python3-service-identity 18.1.0-5
ii python3-signedjson 1.1.0-1
ii python3-six 1.14.0-2
ii python3-sortedcontainers 2.1.0-2
ii python3-systemd 234-3+b1
ii python3-treq 18.6.0-0.2
ii python3-twisted 18.9.0-8
ii python3-typing-extensions 3.7.4.1-1
ii python3-unpaddedbase64 1.1.0-5
ii python3-yaml 5.3.1-1
Versions of packages matrix-synapse recommends:
ii python3-psycopg2 2.8.4-2
Versions of packages matrix-synapse suggests:
pn python3-txacme <none>
-- Configuration Files:
/etc/matrix-synapse/homeserver.yaml changed [not included]
-- debconf information excluded
--- End Message ---
--- Begin Message ---
Source: matrix-synapse
Source-Version: 1.25.0-2
Done: Andrej Shadura <[email protected]>
We believe that the bug you reported is fixed in the latest version of
matrix-synapse, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andrej Shadura <[email protected]> (supplier of updated matrix-synapse
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 27 Jan 2021 10:11:11 +0100
Source: matrix-synapse
Architecture: source
Version: 1.25.0-2
Distribution: unstable
Urgency: medium
Maintainer: Matrix Packaging Team
<[email protected]>
Changed-By: Andrej Shadura <[email protected]>
Closes: 935654 955254 955974 977430
Changes:
matrix-synapse (1.25.0-2) unstable; urgency=medium
.
* Don’t compress README.
* Increase max_upload_size to 100M (Closes: #955974)
* Stop the debconf interface when done debconfing (Correctly closes:
#935654).
* Fixes for the systemd unit files:
- Add SELinux support to the systemd unit file (Closes: #977430).
- Fix up service files for workers to point to the right Python
location
- Add sandboxing options (Closes: #955254).
- Add Documentation option.
* Replace the generic perl hashbang in a script with the real one.
Checksums-Sha1:
f902fba007a59fcb681a70d877e5d5be7dba6012 2392 matrix-synapse_1.25.0-2.dsc
e1fce5cd111740de45c6542ce78d43f48751bb8d 107152
matrix-synapse_1.25.0-2.debian.tar.xz
Checksums-Sha256:
b8b109b32799cef2cf9a302cca44dc48d7d3e3d06628fe597c50aff47df5b2eb 2392
matrix-synapse_1.25.0-2.dsc
c4533354107eaf83291cf123b96e5b083e2c0953b0317ee956e00eef553f8567 107152
matrix-synapse_1.25.0-2.debian.tar.xz
Files:
0ed4a6e230f658bd6b4685914d0c174c 2392 net optional matrix-synapse_1.25.0-2.dsc
3cc0af50b70734422f46f8a557a469ab 107152 net optional
matrix-synapse_1.25.0-2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iHUEARYIAB0WIQSD3NF/RLIsyDZW7aHoRGtKyMdyYQUCYBEuowAKCRDoRGtKyMdy
YXDtAQCg++8OP9QD082VbRCJak+H6/udrOTI53KIOHlmjP0K7QEA8OCtOzCmMsYQ
BNHf7DxlyvuB9GzK5Hqw1xIgeNpEKQc=
=cv8R
-----END PGP SIGNATURE-----
--- End Message ---
