Re: Should selinux be standard?

2008-10-06 Thread Russell Coker
On Tuesday 16 September 2008 04:14, Bastian Blank [EMAIL PROTECTED] wrote: This cost me over one hour as bind lacks proper error messages in this code path. Has that bug in bind (inadequate error reporting) been fixed? -- [EMAIL PROTECTED] http://etbe.coker.com.au/ My Blog

Re: Should selinux be standard?

2008-10-06 Thread Russell Coker
Sorry for the delay in replying, you forgot to CC me... On Tuesday 16 September 2008 22:12, Josselin Mouette [EMAIL PROTECTED] wrote: Le dimanche 14 septembre 2008 à 21:32 +1000, Russell Coker a écrit : For a typical desktop system (such as my EeePC) a default installation of SE Linux in

Re: Should selinux be standard?

2008-10-06 Thread Bastian Blank
On Tue, Oct 07, 2008 at 06:38:12AM +1000, Russell Coker wrote: On Tuesday 16 September 2008 04:14, Bastian Blank [EMAIL PROTECTED] wrote: This cost me over one hour as bind lacks proper error messages in this code path. Has that bug in bind (inadequate error reporting) been fixed? Not

Re: Should selinux be standard?

2008-10-06 Thread Russell Coker
On Tuesday 16 September 2008 22:45, Julien Cristau [EMAIL PROTECTED] wrote: On Tue, Sep 16, 2008 at 14:12:13 +0200, Josselin Mouette wrote: Le dimanche 14 septembre 2008 à 21:32 +1000, Russell Coker a écrit : For a typical desktop system (such as my EeePC) a default installation of SE

Re: Should selinux be standard?

2008-09-17 Thread Stephen Gran
This one time, at band camp, Manoj Srivastava said: On Tue, Sep 16 2008, Stephen Gran wrote: This is a sid install of the default policy in non-enforcing mode. I can't guarantee that every one of those complaints would have generated errors that matter, but it doesn't look like we're tuned

selinux documentation [was: Should selinux be standard?]

2008-09-17 Thread Vincent Danjean
Manoj Srivastava wrote: I think we have low enough avc denial rates that unconfined/permissive already provides value. We are pretty close to achieving unconfined/enforcing for Lenny, and with help from people I think we can be there. strict/permissive and strict/enforcing

Re: selinux documentation [was: Should selinux be standard?]

2008-09-17 Thread Raphael Geissert
Vincent Danjean wrote: ... But if selinux is installed by default on all systems, then I really think that basic documentation for Debian administrators (I mean people managing machines with the Debian distribution on it, not admin of official Debian machines) MUST be provided. +1 ...

Re: Should selinux be standard?

2008-09-16 Thread Manoj Srivastava
On Tue, Sep 16 2008, Julien Cristau wrote: I just tried booting with selinux=1 on my laptop. I see errors from mpd related to /usr/lib/libtheora.so.0.3.3, from xdm starting my X session, from sudo reading /etc/resolv.conf, from dmesg reading the system log, from ssh-add connecting to the ssh

Re: Should selinux be standard?

2008-09-16 Thread Felipe Sateler
Manoj Srivastava wrote: Firstly, what policy are you using? Has your machine been updated to actually compile/load the policy? (Like a number of packages, SELinux does need some configuration). I guess the argument could be made that a package that can't autoconfigure itself for some basic

Re: Should selinux be standard?

2008-09-16 Thread Martin Orr
On 16/09/08 13:44, Holger Levsen wrote: On Tuesday 16 September 2008 13:40, Reinhard Tartler wrote: so an `ls -Z` does not work for you? It doesn't do anything useful here. I'm all for enabling selinux per default, but I think it should be done, when it works and such a change shouldn't be

Re: Should selinux be standard?

2008-09-16 Thread Manoj Srivastava
On Tue, Sep 16 2008, Julien Cristau wrote: I just tried booting with selinux=1 on my laptop. I see errors from mpd related to /usr/lib/libtheora.so.0.3.3, from xdm starting my X session, from sudo reading /etc/resolv.conf, from dmesg reading the system log, from ssh-add connecting to the ssh

Re: Should selinux be standard?

2008-09-16 Thread Franklin PIAT
On Tue, 2008-09-16 at 13:05 -0500, Manoj Srivastava wrote: On Tue, Sep 16 2008, Julien Cristau wrote: I just tried booting with selinux=1 on my laptop. I see errors from mpd related to /usr/lib/libtheora.so.0.3.3, from xdm starting my X session, from sudo reading /etc/resolv.conf, from

Re: Should selinux be standard?

2008-09-16 Thread Stephen Gran
This one time, at band camp, Josselin Mouette said: Le dimanche 14 septembre 2008 à 21:32 +1000, Russell Coker a écrit : For a typical desktop system (such as my EeePC) a default installation of SE Linux in Lenny works for most things. What do you mean by most things? What is not

Re: Should selinux be standard?

2008-09-16 Thread Josselin Mouette
Le mardi 16 septembre 2008 à 13:05 -0500, Manoj Srivastava a écrit : allow avahi_t httpd_t:dbus send_msg; allow hald_t pcscd_t:dbus send_msg; allow httpd_t avahi_t:dbus send_msg; allow httpd_t system_dbusd_t:dbus send_msg; allow insmod_t lib_t:file execute_no_trans; allow mdadm_t

Re: Should selinux be standard?

2008-09-16 Thread Manoj Srivastava
On Tue, Sep 16 2008, Stephen Gran wrote: This is a sid install of the default policy in non-enforcing mode. I can't guarantee that every one of those complaints would have generated errors that matter, but it doesn't look like we're tuned for a normal install just yet. Well, seems

Re: Should selinux be standard?

2008-09-16 Thread Raphael Geissert
Manoj Srivastava wrote: On Mon, Sep 15 2008, Raphael Geissert wrote: Bastian Blank wrote: On Mon, Sep 15, 2008 at 06:12:03PM +0200, Josselin Mouette wrote: Le lundi 15 septembre 2008 à 10:12 -0500, Manoj Srivastava a écrit : Agreed. Either SELinux is suitable with our default setup and

Re: Should selinux be standard?

2008-09-16 Thread Manoj Srivastava
On Tue, Sep 16 2008, Raphael Geissert wrote: There should and will, but only if it is used. I have had neither time nor interest to read the docs to correctly set up SELinux. So, the several packages which are installed by default, because of priority: standard, are completely useless.

Should selinux be standard?

2008-09-14 Thread Martin Michlmayr
I'd like to ask whether selinux should really be installed by default. On the Linksys NSLU2, a very popular device with only 32 MB of RAM, installing selinux-policy-default takes at least half an hour (with heavy swapping) or possibly even more. This is a major regression from the installer

Re: Should selinux be standard?

2008-09-14 Thread David Goodenough
On Sunday 14 September 2008, Martin Michlmayr wrote: I'd like to ask whether selinux should really be installed by default. On the Linksys NSLU2, a very popular device with only 32 MB of RAM, installing selinux-policy-default takes at least half an hour (with heavy swapping) or possibly even

Re: Should selinux be standard?

2008-09-14 Thread Frans Pop
Martin Michlmayr wrote: I'd like to ask whether selinux should really be installed by default. On the Linksys NSLU2, a very popular device with only 32 MB of RAM, installing selinux-policy-default takes at least half an hour (with heavy swapping) or possibly even more.  This is a major

Re: Should selinux be standard?

2008-09-14 Thread Russell Coker
On Sunday 14 September 2008 19:08, Martin Michlmayr [EMAIL PROTECTED] wrote: I'd like to ask whether selinux should really be installed by default. On the Linksys NSLU2, a very popular device with only 32 MB of RAM, installing selinux-policy-default takes at least half an hour (with heavy

Re: Should selinux be standard?

2008-09-14 Thread Russell Coker
On Sunday 14 September 2008 20:40, Frans Pop [EMAIL PROTECTED] wrote: Although I agree with your basic question, I do wonder how it can be a regression from Etch as selinux was also priority standard for Etch. It was my impression that selinux installation had become faster recently after