- Bill Nottingham nott...@redhat.com wrote:
Jens Petersen (peter...@redhat.com) said:
I meant to add that the reason this came up was I was trying to work
out where to put yum-langpacks in comps: yum-presto being one of the
reference packages I searched for.
So where can/should
On Fri, Jan 22, 2010 at 10:13:38AM +0100, Tomasz Torcz wrote:
On Fri, Jan 22, 2010 at 11:01:37AM +0200, Pasi Kärkkäinen wrote:
Hello,
Has there been any plans to support running custom post-up scripts for each
interface, after ifup interface ?
Debian allows you to specify:
On Fri, Jan 22, 2010 at 10:35:13AM +0100, Miloslav Trma?? wrote:
Pasi Kärkkäinen píše v Pá 22. 01. 2010 v 11:01 +0200:
Has there been any plans to support running custom post-up scripts for each
interface, after ifup interface ?
Debian allows you to specify:
iface eth0 inet static
Hello,
In Fedora 12 several daemons (e.g. dhclient) were modified to drop
unnecessary capabilities, most importantly the dac_override
capability, allowing the daemon to ignore file permission bits. This,
in combination with removing some permissions from important system
directories and files
Hello,
I do herewith request to take over the package mumble, currently owned by
igjurisk.
The maintainer seems to be unresponsive and all previous attempts of contact
have failed.
According to the policy for non-responsive package maintainers, this request
has to be approved
by at least one
On Fri, Jan 22, 2010 at 12:19:49PM +0100, Miloslav Trmač wrote:
Hello,
In Fedora 12 several daemons (e.g. dhclient) were modified to drop
unnecessary capabilities, most importantly the dac_override
capability, allowing the daemon to ignore file permission bits. This,
in combination with
Once upon a time, Miloslav TrmaÄ? m...@volny.cz said:
We can extend the protection to all executables by a simple addition to
redhat-rpm-config (https://bugzilla.redhat.com/show_bug.cgi?id=556897 ).
After applying this patch, executable files in all rebuilt packages
would not be writeable,
On Fri, Jan 22, 2010 at 01:08:46PM +0200, Pasi Kärkkäinen wrote:
grep ifup-local /etc/sysconfig/network-scripts/ifup-post
Thanks for pointing that out. I was looking at ifup-post,
and I thought ifup-local was a script provided by the system,
but it seems there's no such script as
Once upon a time, Miloslav TrmaÄ? m...@volny.cz said:
Chris Adams pÃÅ¡e v Pá 22. 01. 2010 v 08:06 -0600:
Once upon a time, Miloslav TrmaÃ? m...@volny.cz said:
We can extend the protection to all executables by a simple addition to
redhat-rpm-config
On 01/22/2010 07:53 AM, Ralf Corsepius wrote:
On 01/22/2010 01:22 PM, Tomas Mraz wrote:
These are checksums required by FIPS-140-2 integrity verification checks
of the fipscheck and ssh binaries.
I.e. package data.
= These packages are non-FHS compliant and qualify as broken.
I don't
On Fri, 2010-01-22 at 12:19 +0100, Miloslav Trmač wrote:
Hello,
In Fedora 12 several daemons (e.g. dhclient) were modified to drop
unnecessary capabilities, most importantly the dac_override
capability, allowing the daemon to ignore file permission bits. This,
in combination with removing
Hello Milos,
Monday, January 18, 2010, 2:27:22 PM, you wrote:
is there any good way how to handle the situation described at
https://bugzilla.redhat.com/show_bug.cgi?id=528524
?
I.e. you have a single library (single soname) which can be compiled
with or without GUI support (with
On Friday 15 January 2010 15:36:42 Sebastian Dziallas wrote:
[...]
I had attempted to package it, since it would be probably of interest
for the Design Suite, but building currently fails due to [1]. I'm not
sure whether I'll be able to look into it over the next days, but if
somebody else
On Fri, Jan 22, 2010 at 5:04 PM, Tomas Mraz tm...@redhat.com wrote:
No, it does not prevent malicious attacker from subverting the
executable. The integrity check prevents just inadvertent modification
of the executables/libraries which contain the certified code.
Like prelink? ;-)
m
--
On 01/22/2010 04:24 PM, Przemek Klosowski wrote:
On 01/22/2010 07:53 AM, Ralf Corsepius wrote:
On 01/22/2010 01:22 PM, Tomas Mraz wrote:
These are checksums required by FIPS-140-2 integrity verification checks
of the fipscheck and ssh binaries.
I.e. package data.
= These packages are
On Fri, Jan 22, 2010 at 4:11 PM, Ralf Corsepius rc040...@freenet.de wrote:
On 01/22/2010 04:24 PM, Przemek Klosowski wrote:
On 01/22/2010 07:53 AM, Ralf Corsepius wrote:
On 01/22/2010 01:22 PM, Tomas Mraz wrote:
These are checksums required by FIPS-140-2 integrity verification
checks
Am Freitag, den 22.01.2010, 14:52 +0100 schrieb Andreas Osowski:
Hello,
I do herewith request to take over the package mumble, currently owned by
igjurisk.
The maintainer seems to be unresponsive and all previous attempts of contact
have failed.
According to the policy for non-responsive
On 01/22/2010 01:53 PM, Ralf Corsepius wrote:
On 01/22/2010 01:22 PM, Tomas Mraz wrote:
On Fri, 2010-01-22 at 12:41 +0100, Ralf Corsepius wrote:
Hi,
On FC12 I found this:
# ls /usr/bin/.*.hmac
/usr/bin/.fipscheck.hmac
/usr/bin/.ssh.hmac
# rpm -qf /usr/bin/.*.hmac
Chris Adams (cmad...@hiwaay.net) said:
How about moving /usr/bin/runcon to /bin and using that to call bash
instead?
The problem is that the context it needs to run at isn't static; it
depends on the policy of the machine. Hence, you don't want to hardcode
a runcon call in the script.
Bill
--
Richard Zidlicky (r...@linux-m68k.org) said:
.. just wondering why it's under /sbin and not under
/etc/sysconfig/network-scripts/
It doesn't feel very good to add custom configuration under /sbin.
same opinion here. I have actually used this for a while, adds one more thing
that
On Fri, 22 Jan 2010, Christoph Wickert wrote:
Am Freitag, den 22.01.2010, 14:52 +0100 schrieb Andreas Osowski:
Hello,
I do herewith request to take over the package mumble, currently owned by
igjurisk.
The maintainer seems to be unresponsive and all previous attempts of contact
have
-Original Message-
From: devel-boun...@lists.fedoraproject.org
[mailto:devel-boun...@lists.fedoraproject.org] On Behalf Of
Denis Leroy
Sent: Friday, January 22, 2010 8:34 AM
To: Development discussions related to Fedora
Subject: Re: FC12: Hidden files in /usr/bin/*
*snip*
Am Freitag, den 22.01.2010, 17:28 +0100 schrieb Christoph Wickert:
Am Freitag, den 22.01.2010, 14:52 +0100 schrieb Andreas Osowski:
Hello,
I do herewith request to take over the package mumble, currently owned by
igjurisk.
The maintainer seems to be unresponsive and all previous attempts
Hi,
I'm wondering if anyone tested this upgrade...
[mic...@ozzy ~]$ mc
-bash: /usr/share/mc/bin/mc-wrapper.sh: Nie ma takiego pliku ani katalogu
This is one of my most commonly used program
cut -f1 -d .bash_history | sort | uniq -c | sort -nr | head -n 5
612 git
73 sudo
68 exit
On Fri, Jan 22, 2010 at 8:03 PM, Tom Lane t...@redhat.com wrote:
The separate /lib directory tree seems the way to go, to me. That way
/usr/share instead of /lib seems more appropriate -
m
--
martin.langh...@gmail.com
mar...@laptop.org -- School Server Architect
- ask interesting
On 01/22/2010 02:03 PM, Tom Lane wrote:
Przemek Klosowski przemek.klosow...@nist.gov writes:
On 01/22/2010 11:11 AM, Ralf Corsepius wrote:
Does it really mandate pollution /usr/bin and thus $PATH?
OK, I see, you don't object to the checksums in principle, just to the
location of the files.
On Fri, Jan 22, 2010 at 01:13:06PM -0500, Tony Nelson wrote:
Perhaps there should be a default /sbin/ifup-local script that
dispatches to /etc/sysconfig/network-scripts/ifup-local/interface?
It could contain useful comments, including that it is by default
replaceable as its target
On Fri, Jan 22, 2010 at 03:42:47PM -0500, Bill Nottingham wrote:
Tony Nelson (tonynel...@georgeanelson.com) said:
same opinion here. I have actually used this for a while, adds
one more thing that needs be verified after system upgrades, not
very nice.
Realistically, the
On 10-01-22 13:29:11, Bruno Wolff III wrote:
On Fri, Jan 22, 2010 at 13:15:04 -0500,
Tony Nelson tonynel...@georgeanelson.com wrote:
Put SELinux into Permissive mode for single-user mode? Or just
print a suggestion to do that? (I'd think that SELinux would
normally be perceived as
Martin Langhoff wrote:
/usr/share instead of /lib seems more appropriate -
/usr/share is for architecture-independent files. These checksums are as
architecture-specific as the executables they pertain to. But they should be in
/usr/lib*/subdirectory, not in /lib.
Björn Persson
On Fri, Jan 22, 2010 at 10:05:04PM +0100, Richard Zidlicky wrote:
On Fri, Jan 22, 2010 at 03:42:47PM -0500, Bill Nottingham wrote:
Tony Nelson (tonynel...@georgeanelson.com) said:
same opinion here. I have actually used this for a while, adds
one more thing that needs be verified
On 01/22/2010 05:30 PM, Matt Domsch wrote:
On Fri, Jan 22, 2010 at 03:06:24PM -0500, Peter Jones wrote:
Well, the standard IIRC does want them to be separate, though again it's
important to realize that this check isn't meant to protect against an
attack, but rather to check against erroneous
We also +R'd #fedora-admin so the recent freenode spammers aren't as
annoying. This means you have to be registered to chat with us. we'll
revert in the future.
-Mike
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
I'm building a package for levmar. Upstream does not use autoconf,
automake, or libtool. The supplied makefile builds a statically linked
library, liblevmar.a. With trivial changes I can build a shared library
liblevmar.so instead, and I've verified that this works with the
supplied demo
2010/1/22 Miloslav Trmač m...@volny.cz:
Hello,
In Fedora 12 several daemons (e.g. dhclient) were modified to drop
unnecessary capabilities, most importantly the dac_override
capability, allowing the daemon to ignore file permission bits. This,
in combination with removing some permissions
35 matches
Mail list logo
