are appreciated.
Regards,
Petr
--
Petr Lautrbach, Red Hat, Inc.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
You could try running: rpm -Va --nofiles --nodigest
Hi,
this is fixed with upstart-0.6.5-12.fc15 [1] which drops upstart-sysvinit and
should
hit rawhide soon.
[1] http://lists.fedoraproject.org/pipermail/devel/2010-October/144375.html
Regards,
Petr
--
Petr Lautrbach, Red Hat, Inc.
--
devel
On 10/15/2010 01:13 AM, Kevin Kofler wrote:
Petr Lautrbach wrote:
systemd will be default init system in Fedora 15 and scripts
infrastructure will be adapted to it. There is a plan to leave upstart in
Fedora as non-official alternative.
I don't think this is a good idea at all. We want users
initscripts-legacy is complement to initscripts
initscripts-legacy should have
Requires: %{name} = %{version}-%{release}
Petr
--
Petr Lautrbach, Red Hat, Inc.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
update and since it's
closed it
went out of my sight. Also I missed you comment. I'm sorry. Feel free to reopen
a bug if you think that an issue is not fixed.
Here's an update https://admin.fedoraproject.org/updates/openssh-5.9p1-27.fc17
petr
--
Petr Lautrbach, Red Hat, Inc.
http://cz.redhat.com
my point of view, it's same as any other
program you can use via
ssh and I believe that openssh-clients is the right place for it.
sftp subsystem is configured by default so you can use it if you need transfer
files to minimal system.
Petr
--
Petr Lautrbach, Red Hat, Inc.
http://cz.redhat.com
On 11/12/2012 06:44 PM, Seth Vidal wrote:
On Mon, 12 Nov 2012, Petr Lautrbach wrote:
scp is a ssh client. It connects to other host using a ssh connection and runs
'scp -t' or 'scp -f'
commands on the remote side. From my point of view, it's same as any other
program you can use via
ssh
Hi all,
I'm going to push update cyrus-sasl-2.1.26 into Rawhide soon. Part of this
update
is also SONAME bump to libsasl2.so.3.
The main issue with this update is that it would break buildroot since there is
the openldap
package requiring libsasl2.so.2 which is part of buildroot. So I'll do
On 01/22/2013 03:53 PM, Bruno Wolff III wrote:
On Tue, Jan 22, 2013 at 15:19:18 +0100,
Petr Lautrbach plaut...@redhat.com wrote:
It's my understanding that there will be mass rebuild soon so I wouldn't
rebuild all of them manually,
but I would wait for this rebuild.
Comments? Suggestions
On 01/23/2013 10:53 AM, Petr Pisar wrote:
On 2013-01-22, Petr Lautrbachplaut...@redhat.com wrote:
I'm going to push update cyrus-sasl-2.1.26 into Rawhide soon. Part of
this update is also SONAME bump to libsasl2.so.3.
The main issue with this update is that it would break buildroot since
in .spec files (no new scriplets
needed) and also to configurations
without tmpfs on /var/{run,lock}
Petr
--
Petr Lautrbach, Red Hat, Inc.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
0 0
tmpfs /var/lock tmpfs rw,noexec,nosuid,nodev,mode=775,gid=54
0 0
Petr
--
Petr Lautrbach, Red Hat, Inc.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
On Tue, Nov 30, 2010 at 08:21:32AM +0100, Aurelien Bompard wrote:
Hi all,
I'm orphaning awstats, a web log file analyzer.
If anyone's interested...
I will take it.
Petr
--
Petr Lautrbach, Red Hat, Inc.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org
On Wed, May 25, 2011 at 11:33:50AM +0200, Kevin Kofler wrote:
Hi,
today this update:
https://admin.fedoraproject.org/updates/upstart-1.2-2.fc14
got pushed to F14. (FWIW, I don't see how this is consistent with the update
policies, but that's not the matter here.)
Hi,
upstart-1.x branch
On 05/25/2011 09:33 PM, Rahul Sundaram wrote:
On 05/25/2011 04:34 PM, Petr Lautrbach wrote:
upstart-1.2-2 hasn't changed upstart behavior. It fixes upstream bugs and
also adds new
features like new stanzas (manual,debug) and also .override files
feature adapted from Ubuntu.
We don't do
On 05/26/2011 12:44 PM, Rahul Sundaram wrote:
On 05/26/2011 03:45 PM, Petr Lautrbach wrote:
Ok, I admit that I should have sent announcement to allow wider awareness.
upstart-1.0 branch is in fact minor update of upstart-0.6.5, it was just
declared stable.
.override files [1] in upstart
On 07/07/2010 10:29 PM, Tom spot Callaway wrote:
[plautrba] finger: finger-server-0.17-39.fc12.x86_64
Fixed and built for Rawhide.
Petr
--
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
/2013-January/176599.html
Petr
--
Petr Lautrbach plaut...@redhat.com, Red Hat, Inc.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
...
Lennart
[1] well, sure tcpwrap resolves DNS dynamically and can use that for
access control, but people who bind access control to DNS really should
find a different job than administrator...
--
Petr Lautrbach
Security Technologies
Red Hat
Better technology. Faster innovation
~ ]# ssh localhost
Fedora release 21 (Rawhide)
root@localhost's password:
Petr
--
Petr Lautrbach
Security Technologies
Red Hat
Better technology. Faster innovation. Powered by community collaboration.
See how it works at redhat.com.
signature.asc
Description: OpenPGP digital signature
--
devel
Hello all,
awstats-7.2 upgraded license to GPLv3+.
awstats-7.2-1.fc21 is being built for Rawhide right now.
Regards,
Petr
--
Petr Lautrbach
signature.asc
Description: OpenPGP digital signature
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman
Fedora systems without non-root users in
local network.
- default sudoers uses password of an user for authentication, so even
when I have a non-root user in wheel group, I only need one user's
password to become root
- how much users of these enforced users will be 'user' or 'test'?
Petr
--
Petr
. was
added in 2006.
Thanks,
-- Pasi
--
Petr Lautrbach
signature.asc
Description: OpenPGP digital signature
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Dne 11.6.2015 v 14:42 Colin Walters napsal(a):
On Thu, Jun 11, 2015, at 06:51 AM, Jan Kurik wrote:
= Proposed System Wide Change: SELinux policy store migration =
https://fedoraproject.org/wiki/Changes/SELinuxPolicyStoreMigration
Change owner(s):
* Petr Lautrbach plautrba at redhat dot com
.
Petr
--
Petr Lautrbach
signature.asc
Description: OpenPGP digital signature
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Dne 15.6.2015 v 12:15 Lennart Poettering napsal(a):
On Mon, 15.06.15 11:15, Petr Lautrbach (plaut...@redhat.com) wrote:
Dne 13.6.2015 v 19:07 Lennart Poettering napsal(a):
On Fri, 12.06.15 19:00, Miroslav Grepl (mgr...@redhat.com) wrote:
On 06/12/2015 12:17 PM, Lennart Poettering wrote
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1076441
Thanks,
Petr
--
Petr Lautrbach
signature.asc
Description: OpenPGP digital signature
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http
or issues with migration on
seli...@lists.fedoraproject.org mailing list.
[1] https://fedoraproject.org/wiki/Changes/SELinuxPolicyStoreMigration
Petr
--
Petr Lautrbach
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct
pm -qlp policycoreutils-2.4-13.fc24.x86_64.rpm \
> | grep sbin/restorecon
> ...
> /usr/sbin/restorecon
>
> # rpm -q --provides -p policycoreutils-2.4-13.fc24.x86_64.rpm \
> | grep sbin/restorecon
> ...
> /sbin/restorecon
>
> => Likely, something is broken with
Hi,
libselinux upstream plans to disallow to use getpidcon(0, ) in sense of
getpidcon(getpid(), )
This behavior has never been documented and it's implementation is
considered error prone.
There seems to be no such case in Fedora but if your project uses
getpidcon() with pid == 0 to get the
name[level:], package, level)
ImportError: No module named '_selinux'
# dnf update
...
# rpm -q libselinux
libselinux-2.5-8.fc25.x86_64
# python3 -c 'import selinux'
#
Petr
--
Petr Lautrbach
signature.asc
Description: OpenPGP digital signature
--
devel mailing list
devel@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
On 06/30/2016 09:52 PM, Richard W.M. Jones wrote:
> On Thu, Jun 30, 2016 at 09:23:45PM +0200, Petr Lautrbach wrote:
>> On 06/30/2016 06:13 PM, Lennart Poettering wrote:
>>> On Thu, 30.06.16 10:45, Simo Sorce (s...@redhat.com) wrote:
>>>
>>>>>> Insert yo
temd can't read fedora-relabel unit file now
Unless we want to loosen the policy to allow systemd read file with any
file context, it will be up to a administrator to set a permissive mode
via the kernel command line
(5) the relabeling service will still need to have StandardInput=tty to
provide a possib
de, has broken things. Please
> do not assume that the reason why rawhide is currently a little stale
> is due to intentionally not pushing changes or holding anything back
> because it is not. It is entirely a matter of the type of breakage we
> want to avoid going forward,
>
> Dennis
>
>
On Wed, Feb 22, 2017 at 09:05:14AM -0800, Adam Williamson wrote:
> On Wed, 2017-02-22 at 17:30 +0100, Petr Lautrbach wrote:
> >
> > > Rawhide has been broken since the 15th, First due to nss, then rdma-
> > > core, followed by policycoreutils and setools breakages.
On 02/23/2017 12:27 AM, Adam Williamson wrote:
> On Thu, 2017-02-23 at 00:22 +0100, Petr Lautrbach wrote:
>>
>> I have a fix for it in setools-4.1.0-1.fc26.6 -
>> https://copr.fedorainfracloud.org/coprs/build/516358/
>>
>>
>> python3-networkx is only
On 02/22/2017 07:14 PM, Petr Lautrbach wrote:
> On Wed, Feb 22, 2017 at 09:05:14AM -0800, Adam Williamson wrote:
>> On Wed, 2017-02-22 at 17:30 +0100, Petr Lautrbach wrote:
>>>
>>>> Rawhide has been broken since the 15th, First due to nss, then rdma-
>>
information about this releases see [3],[4]
[1] https://copr.fedorainfracloud.org/coprs/plautrba/selinux-2.6/
[2] https://marc.info/?l=selinux=147646050027049=2
[3] https://marc.info/?l=selinux=146237109422331=2
[4] https://marc.info/?l=selinux=148521504308304=2
Petr
--
Petr Lautrbach
Hi,
libselinux golang bindings [1] haven't been touched since 2014, have
never been upstreamed, nothing requires/uses them in Fedora and since
there's another SELinux golang bindings maintained by opencontainers [2]
I'm going to drop them from Fedora Rawhide.
[1]
On Tue, Oct 10, 2017 at 05:06:02PM +0200, Zygmunt Krynicki wrote:
>
> As it's too early to tell which way we'll go with SELinux and golang I
> think it's okay to drop this. Once we start to make some progress into
> making any policy work in snapd we'll either revive this or use a
> maintained
On Tue, Oct 24, 2017 at 09:10:32AM +0200, Dominik 'Rathann' Mierzejewski wrote:
> Hello, Lukas.
> Thanks for this thread.
>
> On Monday, 23 October 2017 at 17:50, Lukas Vrabec wrote:
> > On 10/21/2017 08:48 PM, Kevin Fenzi wrote:
> [...]
> > > Also, perhaps it would make sense to move to a more
On Tue, Oct 24, 2017 at 12:25:14PM +0200, Petr Lautrbach wrote:
> On Tue, Oct 24, 2017 at 09:10:32AM +0200, Dominik 'Rathann' Mierzejewski
> wrote:
> > Hello, Lukas.
> > Thanks for this thread.
> >
> > On Monday, 23 October 2017 at 17:50, Lukas Vrabec wrote:
>
Hi,
we are going to drop file_contexts.bin from selinux-policy-targeted package.
file_contexts.bin file is regenerated by sefcontext_compile utility every time
policy is rebuilt, e.g. during update, after semodule -B, ... and this file
contains pre compiled pcre regexes from file_contexts.
We
On Wed, Nov 01, 2017 at 09:59:29AM +0100, Igor Gnatenko wrote:
> On Wed, 2017-11-01 at 09:46 +0100, Petr Lautrbach wrote:
> > Hi,
> >
> > we are going to drop file_contexts.bin from selinux-policy-targeted
> > package.
> >
> > file_contexts.bin file is re
Hi,
I orphaned vim-vimoutliner.
I switched to emacs and haven't touched it for some time.
Thanks,
Petr
signature.asc
Description: PGP signature
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to
It's already reported - https://bugzilla.redhat.com/show_bug.cgi?id=1832327
It's `fixfiles` issue related to the following file context change:
+ /s?bin/arping -- system_u:object_r:netutils_exec_t:s0
- /sbin/arping -- system_u:object_r:netutils_exec_t:s0
`fixfiles` script
laut...@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1814223 - Assignee Petr Lautrbach
but
https://src.stg.fedoraproject.org/rpms/setroubleshoot -
Bugzilla Assignee:
Fedora:
dwalsh
EPEL:
dwalsh
signature.asc
Description: PGP signature
On Thu, Sep 10, 2020 at 03:46:38PM +0200, Michal Schorm wrote:
> Does this mean, the "setenforce 0" won't work anymore?
No, setenforce will not be affected by this change.
> I use it quite a lot to examine the denials and audit2allow to
> generate updated rules which fixes my issues.
>
> I
> Migrate users to using ''selinux=0'' if they want to disable SELinux.
> >
> > == Owner ==
> > * Name: [[User:plautrba| Petr Lautrbach]]
> > * Email: plaut...@redhat.com
> > * Name: [[User:omos| Ondrej Mosnacek]]
> > * Email: omosn...@redhat.com
> >
>
On Wed, Sep 16, 2020 at 04:07:11PM +0200, Ondrej Mosnacek wrote:
> On Thu, Sep 10, 2020 at 6:05 PM Robbie Harwood wrote:
> >
> > Ondrej Mosnacek writes:
> >
> > > James Cassell wrote:
> > >> Ben Cotton wrote:
> > >>
> > >>>
On Fri, Jun 26, 2020 at 08:39:19PM +0200, Robert-André Mauchin wrote:
> Hello,
>
>
> I know next to nothing about SELinux so I'd like some help about the Bitcoin
> Package Review by negativo17:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1834731
>
> Notably: are the bitcoin.{te,fc,if}
On Wed, Nov 04, 2020 at 03:48:28PM +0100, Miro Hrončok wrote:
> On 11/4/20 3:41 PM, Gary Buhrmaster wrote:
> > On Wed, Nov 4, 2020 at 8:48 AM Petr Lautrbach wrote:
> >
> > > As none of packages which require either libsepol or libsemanage use
> > > d
On Wed, Nov 04, 2020 at 09:47:50AM +0100, Petr Lautrbach wrote:
> Hi,
>
> in order to prevent backward compatibility libsepol and libsemanage used had
> few
> symbols defined twice and used symbol versioning for them. But when LTO was
> enabled these symbols were complet
Hi,
in order to prevent backward compatibility libsepol and libsemanage used had few
symbols defined twice and used symbol versioning for them. But when LTO was
enabled these symbols were completely dropped during compilation, see
https://github.com/SELinuxProject/selinux/issues/245
In order to
Petr Lautrbach writes:
> Kevin Fenzi writes:
>
>> Greetings everyone.
>>
>> We finally have everything in place and hopefully tested to make the
>> switch tomorrow from master to rawhide/main branches for
>> src.fedoraproject.org.
>>
>> At
Kevin Fenzi writes:
> Greetings everyone.
>
> We finally have everything in place and hopefully tested to make the
> switch tomorrow from master to rawhide/main branches for
> src.fedoraproject.org.
>
> At 13:30UTC we will adjust pagure to reject pushes to 'master' and then
> will be moving
Gary Buhrmaster writes:
> On Mon, Jul 18, 2022 at 6:44 AM Petr Lautrbach wrote:
>>
>> Dan Čermák writes:
>> >
>> > Just out of curiosity, how large is the speedup typically?
>> >
>
>>
>> It depends on the number of threads your machine
runs `fixfiles onboot`, SELinux autorelabel
>>will be run in parallel by default.
>>
>>== Owner ==
>>* Name: [[User:plautrba| Petr Lautrbach]]
>>* Email: plaut...@redhat.com
>>
>>
>>== Detailed Description ==
>>SELinux tools `restorecon` and `fixf
Steve Grubb writes:
> On Monday, June 26, 2023 2:47:01 PM EDT Peter Robinson wrote:
>> On Thu, Jun 22, 2023 at 5:15 PM Aoife Moloney wrote:
>> >
>> >
>> > https://fedoraproject.org/wiki/Changes/LibuserDeprecation
>> >
>> >
>> >
>> >
>> > This document represents a proposed Change. As part of
Ondrej Pohorelsky writes:
> I've removed cron.allow from my PR[0] and reverted to cron.deny approach.
> As this was the only disputed change in these PRs so far, I plan on merging
> both of them into rawhide at the end of this week.
> However, if you see any issue with merging this "middle
Ben Beasley writes:
> sestatus
This is based on upstream commit d464187c37529c [1]:
policycoreutils: sestatus belongs to bin not sbin
It is quite useful even to non-privileged users and doesn't require any
privileges to work, except for maybe -v.
Some tools hard code
commit 5a1bf04e90ec6ab45e78c9f3c114736c713f26f5
Author: Petr Lautrbach plaut...@redhat.com
Date: Thu Sep 4 11:48:59 2014 +0200
initial release
perl-Geo-IP.spec | 128 +
1 files changed, 3 insertions(+), 125 deletions(-)
---
diff --git
62 matches
Mail list logo