On Fri, 21 Sep 2018, Kees Cook wrote:
> On Fri, Sep 21, 2018 at 5:19 PM, Casey Schaufler
> wrote:
> > + * lsm_early_inode - during initialization allocate a composite inode blob
> > + * @inode: the inode that needs a blob
> > + *
> > + * Allocate the inode blob for all the modules if it's not
Ack. (sorry for the HTML email)
On Wed, 3 Oct 2018, 23:52 Ondrej Mosnacek, wrote:
> Since the default value of watch_file is set unconditionally *after* the
> command-line arguments have been parsed, the -f option is (and has
> always been) effectively ignored. Fix this by setting it before the
The overlayfs tests require setfattr and getfattr which are part of
the attr package in Fedora.
Signed-off-by: Paul Moore
---
README.md |4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 2c871d3..cf90ef6 100644
--- a/README.md
+++ b/README.md
Since the default value of watch_file is set unconditionally *after* the
command-line arguments have been parsed, the -f option is (and has
always been) effectively ignored. Fix this by setting it before the
parsing.
Fixes: 48681bb49c03 ("policycoreutils: restorecond: make restorecond
On 10/02/2018 11:58 AM, Al Viro wrote:
On Tue, Oct 02, 2018 at 01:18:30PM +0200, Ondrej Mosnacek wrote:
No. With the side of Hell, No. The bug is real, but this is
not the way to fix it.
First of all, it's still broken - e.g. mount something on a
subdirectory and watch what that thing will
Quoting Stephen Smalley (2018-10-02 12:41:54)
> On 10/02/2018 02:48 PM, Taras Kondratiuk wrote:
> > Quoting Stephen Smalley (2018-09-21 07:40:58)
> >> If we set the inode sid to the superblock def_sid on an invalid
> >> context, then we lose the association to the original context value.
> >> The
Hi Al,
On Tue, Oct 2, 2018 at 5:58 PM Al Viro wrote:
> On Tue, Oct 02, 2018 at 01:18:30PM +0200, Ondrej Mosnacek wrote:
>
> No. With the side of Hell, No. The bug is real, but this is
> not the way to fix it.
>
> First of all, it's still broken - e.g. mount something on a
> subdirectory and
