Re: [RFC] mmap file_contexts and property_contexts:

2016-09-19 Thread Jason Zaman
On 20 Sep 2016 12:50 pm, "William Roberts" wrote: > > On Sep 19, 2016 21:16, "Jason Zaman" wrote: > > > > On 20 Sep 2016 5:47 am, wrote: > > > > > > From: William Roberts > > > > > > THIS

Re: [RFC] mmap file_contexts and property_contexts:

2016-09-19 Thread William Roberts
On Sep 19, 2016 21:16, "Jason Zaman" wrote: > > On 20 Sep 2016 5:47 am, wrote: > > > > From: William Roberts > > > > THIS IS WIP... > > > > Rather than using stdio and making copies, just mmap the files > > and use

Re: [RFC] mmap file_contexts and property_contexts:

2016-09-19 Thread Jason Zaman
On 20 Sep 2016 5:47 am, wrote: > > From: William Roberts > > THIS IS WIP... > > Rather than using stdio and making copies, just mmap the files > and use the pointers in place. The affect of this change, is that > text file load time is

RE: [RFC] mmap file_contexts and property_contexts:

2016-09-19 Thread Roberts, William C
FYI I only tested this with checkfc... > -Original Message- > From: Roberts, William C > Sent: Monday, September 19, 2016 2:45 PM > To: selinux@tycho.nsa.gov; seandroid-l...@tycho.nsa.gov; s...@tycho.nsa.gov; > jda...@google.com > Cc: Roberts, William C >

[RFC] mmap file_contexts and property_contexts:

2016-09-19 Thread william . c . roberts
From: William Roberts THIS IS WIP... Rather than using stdio and making copies, just mmap the files and use the pointers in place. The affect of this change, is that text file load time is now faster than binary load time by 4.7% when testing with a file_contexts

Re: sandox -X not working with recent Xephyr

2016-09-19 Thread Laurent Bigonville
Le 19/09/16 à 20:26, Stephen Smalley a écrit : On 09/19/2016 02:02 PM, Petr Lautrbach wrote: On Mon, Sep 19, 2016 at 10:39:45AM -0400, Stephen Smalley wrote: On 09/18/2016 02:39 PM, Laurent Bigonville wrote: Hi, It seems that sandbox -X is not working anymore on debian. Xephyr (1.18.4) is

Re: sandox -X not working with recent Xephyr

2016-09-19 Thread Stephen Smalley
On 09/19/2016 02:02 PM, Petr Lautrbach wrote: > On Mon, Sep 19, 2016 at 10:39:45AM -0400, Stephen Smalley wrote: >> On 09/18/2016 02:39 PM, Laurent Bigonville wrote: >>> Hi, >>> >>> It seems that sandbox -X is not working anymore on debian. >>> >>> Xephyr (1.18.4) is giving me the following error:

Re: sandox -X not working with recent Xephyr

2016-09-19 Thread Petr Lautrbach
On Mon, Sep 19, 2016 at 10:39:45AM -0400, Stephen Smalley wrote: > On 09/18/2016 02:39 PM, Laurent Bigonville wrote: > > Hi, > > > > It seems that sandbox -X is not working anymore on debian. > > > > Xephyr (1.18.4) is giving me the following error: > > > > _XSERVTransmkdir: ERROR: euid !=

[PATCH v2] sandbox: Use GObject introspection binding instead of pygtk2

2016-09-19 Thread Laurent Bigonville
From: Petr Lautrbach sandbox command is also now using GTK 3.0 This patch comes from Fedora patch set Signed-off-by: Laurent Bigonville --- policycoreutils/sandbox/sandbox | 18 +++--- 1 file changed, 11 insertions(+), 7 deletions(-) diff

Re: [PATCH] sandbox: Use GObject introspection binding instead of pygtk2

2016-09-19 Thread Petr Lautrbach
On Mon, Sep 19, 2016 at 10:58:10AM -0400, Stephen Smalley wrote: > On 09/18/2016 11:46 AM, Laurent Bigonville wrote: > > From: Laurent Bigonville > > > > sandbox command is also now using GTK 3.0 > > > > This patch comes from Fedora patch set > > Need a Signed-off-by. If you

Re: [PATCH] sandbox: Use GObject introspection binding instead of pygtk2

2016-09-19 Thread Stephen Smalley
On 09/18/2016 11:46 AM, Laurent Bigonville wrote: > From: Laurent Bigonville > > sandbox command is also now using GTK 3.0 > > This patch comes from Fedora patch set Need a Signed-off-by. If you can extract the actual original patch with its author and signed-off-by, that's

Re: sandox -X not working with recent Xephyr

2016-09-19 Thread Stephen Smalley
On 09/18/2016 02:39 PM, Laurent Bigonville wrote: > Hi, > > It seems that sandbox -X is not working anymore on debian. > > Xephyr (1.18.4) is giving me the following error: > > _XSERVTransmkdir: ERROR: euid != 0,directory /tmp/.X11-unix will not be > created. > > The X socket is not created

Re: [PATCH v5] libselinux: correct error path to always try text

2016-09-19 Thread Stephen Smalley
On 09/16/2016 03:37 PM, william.c.robe...@intel.com wrote: > From: William Roberts > > patch 5e15a52aaa cleans up the process_file() routine, > but introduced a bug. If the binary file cannot be > opened, always attempt to fall back to the textual file, > this was

Re: [PATCH] sandbox: Use dbus-launch instead of dbus-run-session

2016-09-19 Thread Petr Lautrbach
On 09/19/2016 12:32 AM, Laurent Bigonville wrote: > From: Laurent Bigonville > > According to dbus upstream: "dbus-launch is fairly horrible code, > complicated by the historical need for it to support X11 autolaunching, > so the D-Bus maintainers would like to move it out of the

Re: [PATCH] sandbox: Use GObject introspection binding instead of pygtk2

2016-09-19 Thread Petr Lautrbach
On Sun, Sep 18, 2016 at 05:46:09PM +0200, Laurent Bigonville wrote: > From: Laurent Bigonville > > sandbox command is also now using GTK 3.0 > > This patch comes from Fedora patch set Works for me on Fedora with python 3 and on latest RHEL-7 with python 2 as well. Note: the