Menu item for fapolicyd trust sync #675
Conversation
|
I'll add a binding to sync the fapolicyd backend. There used to exist a function to reload trust by writing the fapolicyd pipe, it was removed in #548. The logic will be similar, binding only probably. |
|
Binding has been merged to master, https://github.com/ctc-oss/fapolicy-analyzer/blob/master/crates/pyo3/src/trust.rs#L166 |
|
@jw3 I'm having some issues replicating the issue. Where you installing the RPM while the application was running and which RPM were you trying to insatll? |
|
@egbicker I've saw this sporadically while reinstalling our app and messing with the fapolicyd install and trust database, but no solid reproducer is known. I was thinking the tdb util could help to set up testing.. but it cant quite tweak the db the way it needs to recreate this. Nevertheless, the function is general enough that we dont need to fix anything to need to implement it. One addition from the additional discussion: we need to pop up a confirmation dialog after this that says we need to restart the application to see the changes. If you have the ability to gracefully exit the application from that dialog, from say a "Restart now" button, then great. Otherwise just make it an Ok button and they can restart at their leisure. @dorschs57 FYI this action is eventually going to expand, but is blocked until after the trust loading stuff evolves to fix the latency issues. When there is a mechanism that loads trust in the background and signals the frontend of changes, then this will leverage that to reload the System trust after this refresh trust function completes. |
|
@jw3 what's missing here? |
|
I think this is going to sit until 1.1 where we can integrate this with the async trust load to eliminate the reload after notifying fapolicyd to reload. |
Menu option to force fapolicyd to refresh the trust database.
Calls
signal_trust_reloadto write the reload signal to the fifo pipe.Closes #634