On 23 Nov 2009, at 14:25, Marc Dionne wrote:
I don't think IMA is enabled on your typical distro kernel, so the combination of AFS and IMA probably has had very little testing. Is it intentional that you have it enabled in your kernel .config?
Sadly, from a look at the Fedora CVS, it seems like Fedora 12 is shipping with IMA enabled.
By the looks of things, we could change to using filp_open with pathnames to open and close cache files (in the same way as we currently do on Mac OS X and Solaris). However, filp_open doesn't have the support that dentry_open() has for opening files with a specific set of credentials. This means that the problems we had recently with Apparmour and Selinux crashing us will reappear.
At this point, I'm not sure of what the best course of action is ... S. _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
