Re: [systemd-devel] [PATCH] selinux: fix selinux check for transient units

2013-11-19 Thread Daniel J Walsh
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/18/2013 05:45 PM, Michal Sekletar wrote: On Mon, Nov 18, 2013 at 04:19:20PM -0500, Daniel J Walsh wrote: On 11/16/2013 08:10 AM, Lennart Poettering wrote: On Thu, 14.11.13 15:43, Daniel J Walsh (dwa...@redhat.com) wrote: -BEGIN PGP

Re: [systemd-devel] [PATCH] selinux: fix selinux check for transient units

2013-11-19 Thread Michal Sekletar
On Tue, Nov 19, 2013 at 08:54:41AM -0500, Daniel J Walsh wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/18/2013 05:45 PM, Michal Sekletar wrote: On Mon, Nov 18, 2013 at 04:19:20PM -0500, Daniel J Walsh wrote: On 11/16/2013 08:10 AM, Lennart Poettering wrote: On Thu, 14.11.13

Re: [systemd-devel] [PATCH] selinux: fix selinux check for transient units

2013-11-19 Thread Václav Pavlín
Út 19. listopad 2013, 15:16:47 CET, Michal Sekletar napsal: On Tue, Nov 19, 2013 at 08:54:41AM -0500, Daniel J Walsh wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/18/2013 05:45 PM, Michal Sekletar wrote: On Mon, Nov 18, 2013 at 04:19:20PM -0500, Daniel J Walsh wrote: On

Re: [systemd-devel] [PATCH] selinux: fix selinux check for transient units

2013-11-19 Thread Václav Pavlín
And I obviously attached wrong file...this is the right one, sorry St 20. listopad 2013, 05:47:36 CET, Václav Pavlín napsal: Út 19. listopad 2013, 15:16:47 CET, Michal Sekletar napsal: On Tue, Nov 19, 2013 at 08:54:41AM -0500, Daniel J Walsh wrote: -BEGIN PGP SIGNED MESSAGE-

Re: [systemd-devel] [PATCH] selinux: fix selinux check for transient units

2013-11-18 Thread Daniel J Walsh
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/16/2013 08:10 AM, Lennart Poettering wrote: On Thu, 14.11.13 15:43, Daniel J Walsh (dwa...@redhat.com) wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/14/2013 12:50 PM, Harald Hoyer wrote: On 11/05/2013 11:12 PM, Daniel J

Re: [systemd-devel] [PATCH] selinux: fix selinux check for transient units

2013-11-18 Thread Michal Sekletar
On Mon, Nov 18, 2013 at 04:19:20PM -0500, Daniel J Walsh wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/16/2013 08:10 AM, Lennart Poettering wrote: On Thu, 14.11.13 15:43, Daniel J Walsh (dwa...@redhat.com) wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On

Re: [systemd-devel] [PATCH] selinux: fix selinux check for transient units

2013-11-16 Thread Lennart Poettering
On Thu, 14.11.13 15:43, Daniel J Walsh (dwa...@redhat.com) wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/14/2013 12:50 PM, Harald Hoyer wrote: On 11/05/2013 11:12 PM, Daniel J Walsh wrote: On 11/05/2013 12:22 PM, Lennart Poettering wrote: Ok lets add a check that

Re: [systemd-devel] [PATCH] selinux: fix selinux check for transient units

2013-11-14 Thread Harald Hoyer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/05/2013 11:12 PM, Daniel J Walsh wrote: On 11/05/2013 12:22 PM, Lennart Poettering wrote: Ok lets add a check that checks for start on a service labeled with the remote process label, then we can add rules like allow systemd_logind_t

Re: [systemd-devel] [PATCH] selinux: fix selinux check for transient units

2013-11-14 Thread Daniel J Walsh
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/14/2013 12:50 PM, Harald Hoyer wrote: On 11/05/2013 11:12 PM, Daniel J Walsh wrote: On 11/05/2013 12:22 PM, Lennart Poettering wrote: Ok lets add a check that checks for start on a service labeled with the remote process label, then we can

Re: [systemd-devel] [PATCH] selinux: fix selinux check for transient units

2013-11-04 Thread Lennart Poettering
On Thu, 31.10.13 15:51, Vaclav Pavlin (vpav...@redhat.com) wrote: From: Václav Pavlín vpav...@redhat.com Sorry, I don't understand what this patch is doing. Please explain in a commit message! --- src/core/selinux-access.c | 59 ++-

Re: [systemd-devel] [PATCH] selinux: fix selinux check for transient units

2013-11-04 Thread Kay Sievers
On Mon, Nov 4, 2013 at 5:06 PM, Lennart Poettering lenn...@poettering.net wrote: Sorry, I don't understand what this patch is doing. Please explain in a commit message! The file format should also be documented in the code itself, if not done by selinx, then we need to add the link to the doc.

Re: [systemd-devel] [PATCH] selinux: fix selinux check for transient units

2013-11-04 Thread Lennart Poettering
On Mon, 04.11.13 17:06, Lennart Poettering (lenn...@poettering.net) wrote: On Thu, 31.10.13 15:51, Vaclav Pavlin (vpav...@redhat.com) wrote: From: Václav Pavlín vpav...@redhat.com Sorry, I don't understand what this patch is doing. Please explain in a commit message! Hmm, so, here's

Re: [systemd-devel] [PATCH] selinux: fix selinux check for transient units

2013-11-04 Thread Daniel J Walsh
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/04/2013 02:05 PM, Lennart Poettering wrote: On Mon, 04.11.13 17:06, Lennart Poettering (lenn...@poettering.net) wrote: On Thu, 31.10.13 15:51, Vaclav Pavlin (vpav...@redhat.com) wrote: From: Václav Pavlín vpav...@redhat.com Sorry, I

[systemd-devel] [PATCH] selinux: fix selinux check for transient units

2013-10-31 Thread Vaclav Pavlin
From: Václav Pavlín vpav...@redhat.com --- src/core/selinux-access.c | 59 ++- src/core/selinux-access.h | 15 +--- 2 files changed, 70 insertions(+), 4 deletions(-) diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c index