On 07/12/16 13:16, Eric W. Biederman wrote:
> Topi Miettinen writes:
>
>> On 07/11/16 21:57, Eric W. Biederman wrote:
>>> Topi Miettinen writes:
>>>
There are many basic ways to control processes, including capabilities,
cgroups and resource
On 07/12/16 13:16, Eric W. Biederman wrote:
> Topi Miettinen writes:
>
>> On 07/11/16 21:57, Eric W. Biederman wrote:
>>> Topi Miettinen writes:
>>>
There are many basic ways to control processes, including capabilities,
cgroups and resource limits. However, there are far fewer ways
On 07/12/16 14:59, Tejun Heo wrote:
> On Mon, Jul 11, 2016 at 07:47:44PM +, Topi Miettinen wrote:
>> It's really critical to be able to associate a task in the logs to
>> cgroups which were valid that time. Or can we infer somehow what cgroups
>
> When is "that time"? Without logging all
On 07/12/16 14:59, Tejun Heo wrote:
> On Mon, Jul 11, 2016 at 07:47:44PM +, Topi Miettinen wrote:
>> It's really critical to be able to associate a task in the logs to
>> cgroups which were valid that time. Or can we infer somehow what cgroups
>
> When is "that time"? Without logging all
On Tue, Jul 12, 2016 at 9:16 AM, Eric W. Biederman
wrote:
> Not logging capabilities outside of the initial user namespace is
> certainly the conservative place to start, and what selinux does.
FYI, we added some basic userns capability smarts to SELinux in Linux 4.7.
On Tue, Jul 12, 2016 at 9:16 AM, Eric W. Biederman
wrote:
> Not logging capabilities outside of the initial user namespace is
> certainly the conservative place to start, and what selinux does.
FYI, we added some basic userns capability smarts to SELinux in Linux 4.7.
commit
On Mon, Jul 11, 2016 at 7:14 AM, Topi Miettinen wrote:
> There are many basic ways to control processes, including capabilities,
> cgroups and resource limits. However, there are far fewer ways to find
> out useful values for the limits, except blind trial and error.
>
>
On Mon, Jul 11, 2016 at 7:14 AM, Topi Miettinen wrote:
> There are many basic ways to control processes, including capabilities,
> cgroups and resource limits. However, there are far fewer ways to find
> out useful values for the limits, except blind trial and error.
>
> Currently, there is no
On Mon, Jul 11, 2016 at 07:47:44PM +, Topi Miettinen wrote:
> It's really critical to be able to associate a task in the logs to
> cgroups which were valid that time. Or can we infer somehow what cgroups
When is "that time"? Without logging all operations, this is
meaningless.
> a task was
On Mon, Jul 11, 2016 at 07:47:44PM +, Topi Miettinen wrote:
> It's really critical to be able to associate a task in the logs to
> cgroups which were valid that time. Or can we infer somehow what cgroups
When is "that time"? Without logging all operations, this is
meaningless.
> a task was
Topi Miettinen writes:
> On 07/11/16 21:57, Eric W. Biederman wrote:
>> Topi Miettinen writes:
>>
>>> There are many basic ways to control processes, including capabilities,
>>> cgroups and resource limits. However, there are far fewer ways to find
>>>
Topi Miettinen writes:
> On 07/11/16 21:57, Eric W. Biederman wrote:
>> Topi Miettinen writes:
>>
>>> There are many basic ways to control processes, including capabilities,
>>> cgroups and resource limits. However, there are far fewer ways to find
>>> out useful values for the limits, except
On 07/11/16 21:57, Eric W. Biederman wrote:
> Topi Miettinen writes:
>
>> There are many basic ways to control processes, including capabilities,
>> cgroups and resource limits. However, there are far fewer ways to find
>> out useful values for the limits, except blind trial
On 07/11/16 21:57, Eric W. Biederman wrote:
> Topi Miettinen writes:
>
>> There are many basic ways to control processes, including capabilities,
>> cgroups and resource limits. However, there are far fewer ways to find
>> out useful values for the limits, except blind trial and error.
>>
>>
Topi Miettinen writes:
> There are many basic ways to control processes, including capabilities,
> cgroups and resource limits. However, there are far fewer ways to find
> out useful values for the limits, except blind trial and error.
>
> Currently, there is no way to know
Topi Miettinen writes:
> There are many basic ways to control processes, including capabilities,
> cgroups and resource limits. However, there are far fewer ways to find
> out useful values for the limits, except blind trial and error.
>
> Currently, there is no way to know which capabilities
On 07/11/16 17:09, Tejun Heo wrote:
> Hello,
>
> On Mon, Jul 11, 2016 at 02:14:31PM +0300, Topi Miettinen wrote:
>> [ 28.443674] audit: type=1327 audit(1468234333.144:520):
>> proctitle=6D6B6E6F64002F6465762F7A5F343639006300310032
>> [ 28.465888] audit: type=1330 audit(1468234333.144:520):
On 07/11/16 17:09, Tejun Heo wrote:
> Hello,
>
> On Mon, Jul 11, 2016 at 02:14:31PM +0300, Topi Miettinen wrote:
>> [ 28.443674] audit: type=1327 audit(1468234333.144:520):
>> proctitle=6D6B6E6F64002F6465762F7A5F343639006300310032
>> [ 28.465888] audit: type=1330 audit(1468234333.144:520):
On 07/11/16 16:05, Topi Miettinen wrote:
> On 07/11/16 15:25, Serge E. Hallyn wrote:
>> Quoting Topi Miettinen (toiwo...@gmail.com):
>>> There are many basic ways to control processes, including capabilities,
>>> cgroups and resource limits. However, there are far fewer ways to find
>>> out useful
On 07/11/16 16:05, Topi Miettinen wrote:
> On 07/11/16 15:25, Serge E. Hallyn wrote:
>> Quoting Topi Miettinen (toiwo...@gmail.com):
>>> There are many basic ways to control processes, including capabilities,
>>> cgroups and resource limits. However, there are far fewer ways to find
>>> out useful
Hello,
On Mon, Jul 11, 2016 at 02:14:31PM +0300, Topi Miettinen wrote:
> [ 28.443674] audit: type=1327 audit(1468234333.144:520):
> proctitle=6D6B6E6F64002F6465762F7A5F343639006300310032
> [ 28.465888] audit: type=1330 audit(1468234333.144:520):
> cap_used=0800
> [ 28.482080]
Hello,
On Mon, Jul 11, 2016 at 02:14:31PM +0300, Topi Miettinen wrote:
> [ 28.443674] audit: type=1327 audit(1468234333.144:520):
> proctitle=6D6B6E6F64002F6465762F7A5F343639006300310032
> [ 28.465888] audit: type=1330 audit(1468234333.144:520):
> cap_used=0800
> [ 28.482080]
On 07/11/16 15:25, Serge E. Hallyn wrote:
> Quoting Topi Miettinen (toiwo...@gmail.com):
>> There are many basic ways to control processes, including capabilities,
>> cgroups and resource limits. However, there are far fewer ways to find
>> out useful values for the limits, except blind trial and
On 07/11/16 15:25, Serge E. Hallyn wrote:
> Quoting Topi Miettinen (toiwo...@gmail.com):
>> There are many basic ways to control processes, including capabilities,
>> cgroups and resource limits. However, there are far fewer ways to find
>> out useful values for the limits, except blind trial and
Quoting Topi Miettinen (toiwo...@gmail.com):
> There are many basic ways to control processes, including capabilities,
> cgroups and resource limits. However, there are far fewer ways to find
> out useful values for the limits, except blind trial and error.
>
> Currently, there is no way to know
Quoting Topi Miettinen (toiwo...@gmail.com):
> There are many basic ways to control processes, including capabilities,
> cgroups and resource limits. However, there are far fewer ways to find
> out useful values for the limits, except blind trial and error.
>
> Currently, there is no way to know
There are many basic ways to control processes, including capabilities,
cgroups and resource limits. However, there are far fewer ways to find
out useful values for the limits, except blind trial and error.
Currently, there is no way to know which capabilities are actually used.
Even the source
There are many basic ways to control processes, including capabilities,
cgroups and resource limits. However, there are far fewer ways to find
out useful values for the limits, except blind trial and error.
Currently, there is no way to know which capabilities are actually used.
Even the source
Hi,
[auto build test ERROR on cgroup/for-next]
[also build test ERROR on v4.7-rc5]
[cannot apply to next-20160701]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
Hi,
[auto build test ERROR on cgroup/for-next]
[also build test ERROR on v4.7-rc5]
[cannot apply to next-20160701]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
30 matches
Mail list logo