According to this thread https://github.com/systemd/systemd/issues/11034,
kdbus can manage linux capabilities but dbus can't, isn't it?
Below is what I did in my binary
* r = sd_bus_open_system(&bus); if (r < 0) { sm_error("Failed to
connect to system bus\n"); } r = sd_bus_ca
Some more thoughts about the usefulness of dm-integrity:
1. There's some past work[1] on authenticated Btrfs, where the whole
filesystem is authenticated w/ a keyed hash algorithm. It's basically
dm-integrity built directly into the filesystem, with none of the
performance and complexity penal
> Why can't you just enable journalling in systemd-homed, so we have
LUKS+dm-integrity-journalling?
That's why there's two layers of dm-integrity stacked on top of each
other (one protecting the filesystem, one baked into the systemd-homed
LUKS image)
> If the user needs to separate / and /ho
Hey Andrei,
On Wed, Dec 1, 2021 at 1:51 PM Andrei Borzenkov wrote:
> On 01.12.2021 17:20, Brian Hutchinson wrote:
> > Hi,
> >
> > I'm on embedded imx8 mm platform and trying to order services such that
> > ptp4l (LinuxPTP) is started after a bond is created between two DSA
> network
> > interfac
Hey James,
Thanks! Responses below
On Wed, Dec 1, 2021 at 1:12 PM James Feeney wrote:
> On 12/1/21 07:20, Brian Hutchinson wrote:
> > ...
> > In .system file I tried all I know to ensure the required interfaces
> were created before starting ptp4l in attempt to give bonding enough time
> to fi
On 01.12.2021 17:20, Brian Hutchinson wrote:
> Hi,
>
> I'm on embedded imx8 mm platform and trying to order services such that
> ptp4l (LinuxPTP) is started after a bond is created between two DSA network
> interfaces on my Microchip Ethernet Switch.
>
> No matter what I try with BindsTo, Wants=,
On 12/1/21 07:20, Brian Hutchinson wrote:
...
In .system file I tried all I know to ensure the required interfaces were
created before starting ptp4l in attempt to give bonding enough time to finish
but binding to things like sys-subsystem-net-devices-bond1.device wasn't enough.
Is it also pos
Hi,
I'm on embedded imx8 mm platform and trying to order services such that
ptp4l (LinuxPTP) is started after a bond is created between two DSA network
interfaces on my Microchip Ethernet Switch.
No matter what I try with BindsTo, Wants=, Requires=, Before=, After=, when
the board boots and I wat
>>> Martin Wilck schrieb am 01.12.2021 um 10:41 in Nachricht
:
> On Wed, 2021‑12‑01 at 10:24 +0100, Ulrich Windl wrote:
>> > >
>>
>> And I wonder what's wrong with allowing the shutdown command for the
>> user in
>> sudoers.
>> (sudo $(which shutdown) ‑r now)
>
> Sure. I thought sudo might not
On Wed, 2021-12-01 at 10:24 +0100, Ulrich Windl wrote:
> > >
>
> And I wonder what's wrong with allowing the shutdown command for the
> user in
> sudoers.
> (sudo $(which shutdown) -r now)
Sure. I thought sudo might not be installed on that embedded system,
either. If it is, I'd prefer it over o
>>> Martin Wilck schrieb am 01.12.2021 um 10:06 in Nachricht
:
> On Tue, 2021‑11‑30 at 14:11 +0100, Mohamed Ali Fodha wrote:
>> Thanks, but I think using setuid has a security risk for attackers,
>> so I understand there is no so much granularity to manage
>> unprivileged access to systemd in case
On Tue, 2021-11-30 at 14:11 +0100, Mohamed Ali Fodha wrote:
> Thanks, but I think using setuid has a security risk for attackers,
> so I understand there is no so much granularity to manage
> unprivileged access to systemd in case the polkit is not used.
You could use setcap to set CAP_SYS_ADMIN c
12 matches
Mail list logo
