-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/26/2010 02:49 PM, Dhaval Giani wrote:
> On Thu, Aug 26, 2010 at 8:44 PM, Daniel J Walsh wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> On 08/26/2010 01:18 PM, Daniel P. Berrange wrote:
>>>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/26/2010 01:18 PM, Daniel P. Berrange wrote:
> On Thu, Aug 26, 2010 at 01:04:33PM -0400, Daniel J Walsh wrote:
>>
>> I don't know. My goal with sandbox was to allow users to startup
>> sandboxes in such a way that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/26/2010 12:18 PM, Matthew Miller wrote:
> On Thu, Aug 26, 2010 at 09:59:59AM -0400, Matthew Miller wrote:
>> Dan, *could* systemd as it stands provide what you need for sandboxes?
>
> Having looked a bit more at libcgroup, let me put this questi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/26/2010 09:59 AM, Matthew Miller wrote:
> On Wed, Aug 25, 2010 at 10:13:05PM -0400, Daniel J Walsh wrote:
>>> Hmm, why is libcgroup pulled in by policycoreutils? What's the
>>> rationale?
>> It is used for conf
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/25/2010 05:46 PM, Lennart Poettering wrote:
> On Wed, 25.08.10 17:04, Matthew Miller (mat...@mattdm.org) wrote:
>
>> If you are using the libcgroup package, and in particular the cgconfig
>> serivice, be aware that this will break systemd. This
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/24/2010 03:39 PM, Lennart Poettering wrote:
> On Tue, 24.08.10 09:44, Daniel J Walsh (dwa...@redhat.com) wrote:
>
>> I would add security things.
>>
>> Starting a service sends audit messages from the proper loginuid.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/24/2010 08:45 AM, Matthias Clasen wrote:
> On Mon, 2010-08-23 at 23:06 -0400, Bill Nottingham wrote:
>
> Hey Bill,
>
> this is a very good initial list, this should make it very easy for QA
> to whip up a test plan for systemd. Some comments be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/30/2010 08:22 PM, Camilo Mesias wrote:
> OK, an update. I reinstalled F13, added Picasa 3 from the Google repo.
> It does run although it triggers tens of SELinux alerts about
> mmap_zero on "unknown".
>
> The messages are pretty confusing reall
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
fedpkg build
fedpkg build
Traceback (most recent call last):
File "/usr/bin/fedpkg", line 959, in
args.command(args)
File "/usr/bin/fedpkg", line 297, in build
mymodule.init_koji(args.user, kojiconfig)
File "/usr/lib/python2.7/site-pac
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/30/2010 04:51 AM, Alexander Boström wrote:
> fre 2010-07-30 klockan 12:51 +0530 skrev Rahul Sundaram:
>> On 07/30/2010 12:47 PM, Camilo Mesias wrote:
>>> The use cases in case anyone's interested: Install Picasa3 (which uses
>>> its own wine vers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/29/2010 02:19 AM, Adam Williamson wrote:
> On Wed, 2010-07-28 at 23:08 -0600, Kevin Fenzi wrote:
>> On Wed, 28 Jul 2010 19:33:46 -0700
>> John Poelstra wrote:
>>
>>>
>>> Open Fedora 14 Alpha Blocker Bugs = 6
>>> Days until Release Candidate Comp
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/22/2010 11:31 PM, Horst H. von Brand wrote:
> Let's go off into a tangent:
>
> Just booted my x86_64 rawhide box (up to date) into systemd. SELinux is
> enforcing.
>
> Boot works, but not graphical boot.
>
> The output from the rc scripts is m
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/21/2010 12:53 PM, Adam Williamson wrote:
> On Wed, 2010-07-21 at 09:45 -0400, Daniel J Walsh wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> On 07/21/2010 09:39 AM, Ankur Sinha wrote:
>>> On W
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/21/2010 09:39 AM, Ankur Sinha wrote:
> On Wed, 2010-07-21 at 09:25 -0400, Colin Walters wrote:
>> On Wed, Jul 21, 2010 at 8:42 AM, Ankur Sinha wrote:
>>>
type=SELINUX_ERR msg=audit(1279715487.164:21): security_compute_sid:
invalid co
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/21/2010 08:42 AM, Ankur Sinha wrote:
> type=SELINUX_ERR msg=audit(1279715487.164:21): security_compute_sid: invalid
> context unconfined_u:unconfined_r:telepathy_mission_control_t:s0-s0:c0.c1023
> for scontext=unconfined_u:unconfined_r:unconfi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/21/2010 07:12 AM, Ankur Sinha wrote:
> hi,
>
> I've just run into it too.
>
> Updated my system . Here's the yum history list of the latest update:
>
>> Loaded plugins: auto-update-debuginfo, fastestmirror, presto, protectbase,
>>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This program takes three inputs.
The executable that init will exec.
The directory where the executable would create the object. (fifo_file,
sock_file, file ...)
The "type" of the object to be created
In order to test this, you need to tell setsockco
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I am noticing the following in F14
type=1400 audit(1279559591.480:31): avc: denied { read } for pid=526
comm="udevd" name="/" dev=autofs ino=9519
scontext=system_u:system_r:udev_t:s0-s0:c0.c1023
tcontext=system_u:object_r:autofs_t:s0 tclass=dir
typ
On 07/15/2010 06:04 AM, Richard W.M. Jones wrote:
> On Thu, Jul 15, 2010 at 03:29:34PM +0530, Rahul Sundaram wrote:
>> On 07/15/2010 02:22 PM, Richard W.M. Jones wrote:
>>> On Tue, Jul 13, 2010 at 04:47:40PM +0200, Tomasz Torcz wrote:
>>>
There are sometimes such obvious errors and missing
On 07/14/2010 05:02 PM, Jeffrey Ollie wrote:
> On Wed, Jul 14, 2010 at 2:13 PM, Lennart Poettering
> wrote:
>> On Wed, 14.07.10 14:07, Jeffrey Ollie (j...@ocjtech.us) wrote:
>>
>>>
>>> I've been trying to test systemd on my dev box but without success so
>>> far. My system boots up and I get the
On 07/15/2010 07:47 AM, Till Maas wrote:
> On Wed, Jul 14, 2010 at 08:54:13PM +0200, Lennart Poettering wrote:
>
>> Generally I think it is a good idea to ignore errors like this if they
>> are clearly caught by later commands, simply for robustness
>> reasons. i.e. if the command really fails to
On 07/14/2010 03:20 PM, Lennart Poettering wrote:
> On Wed, 14.07.10 14:24, Daniel J Walsh (dwa...@redhat.com) wrote:
>
>>>> myapp_t creating a directory in var_run_t will be labeled
>>>> myapp_var_run_t. I would just need to go through all the policy that
>&
On 07/14/2010 02:54 PM, Lennart Poettering wrote:
> On Wed, 14.07.10 13:31, Chris Adams (cmad...@hiwaay.net) wrote:
>
>>
>> Once upon a time, Lennart Poettering said:
>>> Yes this would work, though in a different syntax:
>>>
>>> ExecStartPre=-/bin/mkdir -p /var/run/foo ; -/sbin/restorecon /var
On 07/14/2010 02:19 PM, Lennart Poettering wrote:
> On Wed, 14.07.10 13:47, Daniel J Walsh (dwa...@redhat.com) wrote:
>
>>> Hardcoding foo_t is bad if they ever switch policy (MLS, etc.). But
>>> it is an option.
>>>
>>> Bill
>> Not sure this work
On 07/14/2010 01:01 PM, Bill Nottingham wrote:
> Lennart Poettering (mzerq...@0pointer.de) said:
>> Well, I don't think we want to support both. I believe F14 should be
>> systemd and only systemd, but we want the option to revert to upstart
>> should that not work out.
>>
>> I am very much intere
On 07/14/2010 10:58 AM, Bill Nottingham wrote:
> Lennart Poettering (mzerq...@0pointer.de) said:
>> Since the acceptance by FESCO it has been added to Rawhide together with
>> patched or updated versions of a few related packages. However, what has
>> not been done so far is making it the default
On 07/13/2010 10:37 AM, Till Maas wrote:
> On Tue, Jul 13, 2010 at 08:55:47AM -0400, Daniel J Walsh wrote:
>> If you are changing the locate of an executable or libraries the
>> executables write to, please make sure SELinux labels are still
>> consistant or contact the selinu
On 07/13/2010 10:11 AM, Christopher Brown wrote:
> On 13 July 2010 14:44, Daniel J Walsh wrote:
>> On 07/13/2010 09:30 AM, Rahul Sundaram wrote:
>>> On 07/13/2010 06:58 PM, Christopher Brown wrote:
>>>> No. SELinux is unacceptable when it displays ridiculous warning
On 07/13/2010 09:30 AM, Rahul Sundaram wrote:
> On 07/13/2010 06:58 PM, Christopher Brown wrote:
>> No. SELinux is unacceptable when it displays ridiculous warning
>> messages to users telling them it has detected suspicious activity on
>> a system that has ONLY JUST BEEN INSTALLED.
>>
>
> That
If you are changing the locate of an executable or libraries the
executables write to, please make sure SELinux labels are still
consistant or contact the selinux developers for help. IF you update a
package in a released version of Fedora and change the locations you
MUST make sure it still works
On 06/03/2010 05:48 AM, Frank Murphy wrote:
> On 03/06/10 10:37, Richard Hughes wrote:
>> On 3 June 2010 10:26, Frank Murphy wrote:
>>> Is it ok to test on an XFCE?
>>> it only pulls in 4pkgs.
>>
>> I assume so, I've never tested. If it fails, it would be good to know
>> what other runtime package
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/12/2010 08:28 AM, Peter Czanik wrote:
> Hello,
>
> 2010-04-08 21:06 keltezéssel, Daniel J Walsh írta:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> On 04/08/2010 10:02 AM, Peter Czanik wrote:
>&g
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/08/2010 10:02 AM, Peter Czanik wrote:
> Hello,
>
> I'm helping to upgrade syslog-ng to current version in major Linux
> distributions. I would like to ask, if you could update syslog-ng to
> version 3.1. I'm working on the openSUSE version of sy
On 03/21/2010 10:44 AM, Jonathan Underwood wrote:
> On 19 March 2010 23:52, Lennart Poettering wrote:
>
>> That is a security hole. Since /tmp knows no further access control an
>> evil user can just create dirs there for each and every single user on
>> the system. Those directories will then
On 03/16/2010 12:29 PM, Colin Walters wrote:
> On Tue, Mar 16, 2010 at 12:16 PM, Daniel J Walsh wrote:
>
>> PLEASE do not use /tmp for communications. Use /var/run if the service is
>> running as root, or can create a socket in /var/run.
>>
> In this cas
On 03/16/2010 11:17 AM, Colin Walters wrote:
> On Tue, Mar 16, 2010 at 10:54 AM, Matthias Clasen wrote:
>
>> Any reason this cannot be an abstract socket ? Of course, then you have
>> to check peer creds and figure out a way to communicate the socket name,
>> but at least you don't have to wor
On 03/08/2010 02:47 PM, Adam Williamson wrote:
> On Sun, 2010-03-07 at 09:48 -0500, Neal Becker wrote:
>
>> Updating : selinux-policy-targeted-3.6.32-92.fc12.noarch
>> 64/215
>> libsepol.scope_copy_callback: audioentropy: Duplicate declaration in module:
>> type/attribute entropyd_var_ru\
On 03/08/2010 06:28 AM, Rakesh Pandit wrote:
> On 7 March 2010 20:18, Neal Becker wrote:
>
>> Updating : selinux-policy-targeted-3.6.32-92.fc12.noarch
>> 64/215
>> libsepol.scope_copy_callback: audioentropy: Duplicate declaration in module:
>> type/attribute entropyd_var_ru\
>> n_t (No
On 03/07/2010 09:48 AM, Neal Becker wrote:
> Updating : selinux-policy-targeted-3.6.32-92.fc12.noarch
> 64/215
> libsepol.scope_copy_callback: audioentropy: Duplicate declaration in module:
> type/attribute entropyd_var_ru\
> n_t (No such file or directory).
> libsemanage.semanage_link_sand
301 - 339 of 339 matches
Mail list logo