Kind: Notes

short content: a post or status update with just plain content and typically without a title

Posted on
by

I just started poking around at my account at Opendesktop Org for the first time (was migrated from some former website) and stumbled over the ocs-site-verification “feature” in the profile.

Frankly I am bamboozled that this is not using “simple” XFN rel=me as it is used by many others including Github, Gitlab, Mastodon, GamingOnLinux, WordPress and is an existing standard for open web to tell profile equivalence for a decade?

Can someone explain this to me or even better tell me where to put this as an improvement suggestion?

This approach reminds me of tracking features like Google Analytics does it and frankly I find it sort of invasive to require custom “code” instead of relying on a more generic and open approach especially when keeping the background of Opendesktop Org in mind.

I’m doing a little experiment and want to show how fast a post can spread. Please share and subscribe!

Kidding. Don’t fall for this crap. Your timeline is yours. Keep it clean and sub only to stuff you like!

Okay. It makes _some_ sense but it’s still weird:

Failed to load the IMA custom policy file /etc/ima/ima-policy1: Permission denied
[!!!!!!] Failed to load IMA policy, freezing

So what really happened: /etc/ima/ima-policy exists. It is not looking for a file ima-policy1. The appended 1 is probably an exit code and it’s error message is misleading.

I had some rules making use of labels like dont_appraise obj_type=systemd_journal_t in the policy and that goes boom when not bootet with SELinux support (e.g. selinux=0) at all. Good to know.

Also: System is still in dev mode so loading custom policy is fine 🤓