Stefan Berger/Watson/IBM wrote on 09/23/2016 12:43:33 PM: > From: Stefan Berger/Watson/IBM > To: Panu Matilainen <pmati...@laiskiainen.org> > Cc: fionnuala.gun...@gmail.com, rpm-maint@lists.rpm.org, Stefan > Berger <stef...@linux.vnet.ibm.com> > Date: 09/23/2016 12:43 PM > Subject: Re: [Rpm-maint] [PATCH v2 0/4] Fixes for file signatures > > Panu Matilainen <pmati...@laiskiainen.org> wrote on 09/23/2016 07:50:15 AM: > > > > >> > > >> So... to achieve all this and actually behave correct in the face of > > >> skipped files - whether due to color, netshared path or other file > > >> policies - the IMA plugin should really just do what the selinux plugin > > >> does and use fsm_file_prepare hook for its task, which after all is > > >> highly similar anyway. > > > > > > Has the file been written when fsm_file_prepare is called? Otherwise it > > > seems better to do it in fsm_file_post. > > > > Yes, the entire file has been created but not yet moved to its final > > destination. That's why it gets two path parameters: "path" for the > > actual current filename which has a temporary suffix, and "dest" which
> > is the actual destination filename. So this is really the best place to > > do any metadata work because then the file actually ready when it gets > > renamed to its final distination (ie without the suffix). > > For some mysterious reason dnf now exists in an update when I run in > the fsm_file_prepare hook. After that, when telling dnf to install a > package, it enumerates all kinds of locks that it unlocks. Do you > know what may be the cause for this ? > > Following these issues, I would like to try to meve it to the > fsm_file_post hook. The same happens there. DNF just terminates. And on a 'dnf install' I get the error message BDB2053 Freeing read locks for locker 0x852: 3387/139931634120448 I have not seen this problem when running the same update using the patches that introduce and use the fsm_post hook. > > Stefan
_______________________________________________ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint