---
man/kernel-command-line.xml | 1 +
man/systemd.xml | 1 +
2 files changed, 2 insertions(+)
diff --git a/man/kernel-command-line.xml b/man/kernel-command-line.xml
index cc267a3..abe68e5 100644
--- a/man/kernel-command-line.xml
+++ b/man/kernel-command-line.xml
@@ -123,6 +123,7 @@
On Mon, Oct 14, 2013 at 04:44:23PM -0700, da...@davidstrauss.net wrote:
> From: David Strauss
>
> ---
> .gitignore | 1 +
> Makefile-man.am | 1 +
> Makefile.am | 20 +-
> man/systemd-sabridge.xml | 264
> src/sabridge/Makefile
On Mon, Oct 14, 2013 at 04:12:29PM -0700, Anatol Pomozov wrote:
> ---
> man/systemd-sleep.conf.xml | 8
> src/libsystemd-bus/kdbus.h | 2 +-
> 2 files changed, 5 insertions(+), 5 deletions(-)
Applied.
Zbyszek
___
systemd-devel mailing list
syst
On Mon, Oct 14, 2013 at 5:53 PM, Kay Sievers wrote:
> Please give it a name a human can parse and pronounce. :)
sa-bridge? act-bridge? other suggestions?
I named it in the spirit of cgtop, systemctl, etc., none of which use
delimiters.
--
David Strauss
| da...@davidstrauss.net
| +1 512 5
On Tue, Oct 15, 2013 at 1:44 AM, wrote:
> From: David Strauss
> src/sabridge/sabridge.c | 519
> +++
Please give it a name a human can parse and pronounce. :)
Kay
___
systemd-devel mailing list
systemd-d
---
man/systemd-sleep.conf.xml | 8
src/libsystemd-bus/kdbus.h | 2 +-
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/man/systemd-sleep.conf.xml b/man/systemd-sleep.conf.xml
index dc4b0da..d4b07a0 100644
--- a/man/systemd-sleep.conf.xml
+++ b/man/systemd-sleep.conf.xml
@@
On Mon, Oct 14, 2013 at 04:28:47PM -0700, Michael Demeter wrote:
> - Add AC_DEFINE for HAVE_SMACK to configure.ac
> - Add check for smack in Makefile.am to include smack default rules
> - Add smack default rules to label /dev/xxx correctly for access
> - Whitespace fixes
>
> Signed-off-by: Michael
On Mon, Oct 14, 2013 at 4:21 PM, Michael Demeter
wrote:
>> That's not the point, the point is is if *belongs* into the systemd
>> repo, not if it's *enabled* by default or not. From what I see, it's
>> nothing really we should ship upstream.
>
> If Smack is enabled in systemd it starts very early
Of course, I can commit this myself if there are no objections. The
risk to non-users of the tool is pretty much zero.
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
From: David Strauss
---
.gitignore | 1 +
Makefile-man.am | 1 +
Makefile.am | 20 +-
man/systemd-sabridge.xml | 264
src/sabridge/Makefile| 28 +++
src/sabridge/sabridge.c | 519 +
Please ignore. This patch is incomplete.
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
From: David Strauss
---
.gitignore | 1 +
Makefile-man.am | 1 +
Makefile.am | 20 +++-
3 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/.gitignore b/.gitignore
index 5e63b2a..d2d5da5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -71,6 +71,7 @@
/systemd-re
On Tue, Oct 15, 2013 at 1:21 AM, Michael Demeter
wrote:
> It looks to me like *everything* will have that label now. This is an
> unconditional rule.
>
>
> Yes. Without it nothing can use the /dev devices except systemd
Again and again:
This will apply the label to ttys:
SUBSYSTEM=="tty", SEC
- Add AC_DEFINE for HAVE_SMACK to configure.ac
- Add check for smack in Makefile.am to include smack default rules
- Add smack default rules to label /dev/xxx correctly for access
- Whitespace fixes
Signed-off-by: Michael Demeter
---
Makefile.am | 5 +
configure.ac
On Mon, Oct 14, 2013 at 3:54 PM, Kay Sievers wrote:
> On Mon, Oct 14, 2013 at 11:58 PM, Michael Demeter
> wrote:
>
>> +KERNEL=="tty[A-Z]*[0-9]|pppox[0-9]*|ircomm[0-9]*|noz[0-9]*|rfcomm[0-9]*",
>> +GROUP="dialout", SECLABEL{smack}="*"
>
> The SECLABEL{} instruction in a separate line? What is that
Michael Demeter
Staff Security Engineer
Open Source Technology Center - SSG
Intel Corporation
On Oct 14, 2013, at 4:10 PM, Kay Sievers wrote:
> On Tue, Oct 15, 2013 at 12:59 AM, Michael Demeter
> wrote:
>> Yes is is very specific to Smack.
>
> Sure.
>
>> Yes this has been tested here.
>
>
On Mon, Oct 14, 2013 at 11:34:52PM +0300, Oleksii Shevchuk wrote:
> > systemctl --system status smartd.service
> smartd.service - Self Monitoring and Reporting Technology (SMART) Daemon
>Loaded: loaded (/usr/lib64/systemd/system/smartd.service; enabled)
>Active: active (running) since Пн 20
On Tue, Oct 15, 2013 at 12:59 AM, Michael Demeter
wrote:
> Yes is is very specific to Smack.
Sure.
> Yes this has been tested here.
It looks to me like *everything* will have that label now. This is an
unconditional rule.
> It is not included as a policy file when the image is built if Smack i
Yes is is very specific to Smack.
Yes this has been tested here.
It is not included as a policy file when the image is built if Smack is not
enabled.. So will not affect anyone not using smack.
Michael Demeter
Staff Security Engineer
Open Source Technology Center - SSG
Intel Corporation
On
On Mon, Oct 14, 2013 at 11:58 PM, Michael Demeter
wrote:
> +KERNEL=="tty[A-Z]*[0-9]|pppox[0-9]*|ircomm[0-9]*|noz[0-9]*|rfcomm[0-9]*",
> +GROUP="dialout", SECLABEL{smack}="*"
The SECLABEL{} instruction in a separate line? What is that supposed
to do? Have you tested any of this?
Also, I'm not co
Sorry Kay and Lennart,
I really had no idea what you meant by your question until I spoke to Auke..
I have since resubmitted the patch this time based against upstream 2.08.
Michael Demeter
Staff Security Engineer
Open Source Technology Center - SSG
Intel Corporation
On Oct 14, 2013, at 9:26
- Add AC_DEFINE for HAVE_SMACK to configure.ac
- Add check for smack in Makefile.am to include smack default rules
- Add smack default rules to label /dev/xxx correctly for access
Signed-off-by: Michael Demeter
---
Makefile.am | 5 +
configure.ac |
> systemctl --system status smartd.service
smartd.service - Self Monitoring and Reporting Technology (SMART) Daemon
Loaded: loaded (/usr/lib64/systemd/system/smartd.service; enabled)
Active: active (running) since Пн 2013-10-14 11:19:05 EEST; 12h ago
Main PID: 2112 (smartd)
CGroup: /syste
On Mon, Oct 14, 2013 at 12:33 PM, Lennart Poettering
wrote:
> COuld you rebase please and try to reproduce
> the issue?
I'm not seeing the issue anymore after doing that, but I may have
fixed something on my side, too.
--
David Strauss
| da...@davidstrauss.net
| +1 512 577 5827 [mobile]
_
Thanks for all input!
Anthony Messina
On Monday, October 14, 2013 02:32:23 PM Colin Guthrie wrote:
2. Setting the protocols properly e.g. currently you have
ExecStartPre=/bin/sh -c 'echo lirc > /sys/class/rc/rc0/protocols' in the
https://github.com/leamas/lirc-pkg/blob/master/lircd.service, but
On Mon, 14.10.13 10:25, David Strauss (da...@davidstrauss.net) wrote:
>
> I'm not using multiple threads. This is occurring when I create, then
> mute, and then unmute an IO source.
Oh, hmm, we might be forgetting to remove the fd from the underlying fd
there.
Note that "mute" and "unmute" has
Slightly better performance now with per-connection buffers.
[root@olympian systemd]# ab -n1000 -c10 http://localhost:8080/
This is ApacheBench, Version 2.3 <$Revision: 1430300 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, h
Right now, I'm just using inet_ntop() for IP clients and nothing for
other types, but this does the annoying IPv6-mapped-IPv4 formatting.
instance_from_socket() in socket.c has some nice checks for this so
IPv4 comes out as a dotted quad, but maybe we should move that to
shared code?
It would be u
One of the biggest pains with accept() for socket activation is
supporting IPv4, IPv6, and Unix domain socket simultaneously while
being able to log useful information about the client.
Is there a straightforward way, using either existing libraries or
functions withing systemd, to do this without
I'm not using multiple threads. This is occurring when I create, then
mute, and then unmute an IO source.
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
On Mon, 14.10.13 09:17, Michael Demeter (michael.deme...@intel.com) wrote:
> Smack is the simple mandatory access control, i.e. a LSM.
Kay knows that. He wanted to indicate that the option is called
SECLABEL{smack}= now, and there's no SMACK= udev field.
>
> On Oct 13, 2013, at 5:17 AM, Kay Siev
Smack is the simple mandatory access control, i.e. a LSM.
Michael Demeter
Staff Security Engineer
Open Source Technology Center - SSG
Intel Corporation
On Oct 13, 2013, at 5:17 AM, Kay Sievers wrote:
> On Sun, Oct 13, 2013 at 12:20 AM, Kok, Auke-jan H
> wrote:
>
>>> +KERNEL=="null",SMACK="*
On Monday, October 14, 2013 02:32:23 PM Colin Guthrie wrote:
> 2. Setting the protocols properly e.g. currently you have
> ExecStartPre=/bin/sh -c 'echo lirc > /sys/class/rc/rc0/protocols' in the
> https://github.com/leamas/lirc-pkg/blob/master/lircd.service, but this
> basically assumes $LIRC_DEVI
On Sun, 13.10.13 22:24, David Strauss (da...@davidstrauss.net) wrote:
> source_io_register errors out with EEXIST, but that's supposed to be
> harmless for epoll [1]:
>
> Q1: What happens if you add the same fd to an epoll_set twice?
> A1: You will probably get EEXIST. However, it is possible tha
On Mon, Oct 14, 2013 at 08:15:51AM +0200, Bastien Nocera wrote:
>
> glob_extend() would completely fail to work, or return incorrect
> data if it wasn't being passed the current getopt "optarg" variable
> as it used the global variable, instead of the passed parameters.
Eh, globals. Applied.
Zbys
On Sun, Oct 13, 2013 at 10:24:17PM -0700, David Strauss wrote:
> source_io_register errors out with EEXIST, but that's supposed to be
> harmless for epoll [1]:
>
> Q1: What happens if you add the same fd to an epoll_set twice?
> A1: You will probably get EEXIST. However, it is possible that two
>
On Sat, Oct 12, 2013 at 11:39:08AM +0200, Alec Leamas wrote:
> Some day David Strauss wrote:
> >On Sun, Oct 6, 2013 at 6:13 AM, Rave it wrote:
> >>A view in the spec file shows me that there is a lot of new things for me,
> >>ie. systemd.
> >>So i may need some assistents.
> >Please feel free to
Hi Alec
'Twas brillig, and Alec Leamas at 12/10/13 10:39 did gyre and gimble:
> Some day David Strauss wrote:
>> On Sun, Oct 6, 2013 at 6:13 AM, Rave it wrote:
>>> A view in the spec file shows me that there is a lot of new things
>>> for me, ie. systemd.
>>> So i may need some assistents.
>> Ple
On Mon, Oct 14, 2013 at 3:53 AM, David Strauss wrote:
> Here's a revised version that should be pretty close to done
And also aside from my Unix socket and IPv6 TODOs, which are tiny.
--
David Strauss
| da...@davidstrauss.net
| +1 512 577 5827 [mobile]
___
Here's a revised version that should be pretty close to done, except
for needing libasyncns and less logging. Blocking on getaddrinfo
doesn't concern me too much for the initial release, given that
primary use of this should be with localhost IPs.
If this gets a thumbs-up, I'll send in a proper pa
40 matches
Mail list logo
