On Tue, Oct 8, 2013 at 2:54 AM, Schaufler, Casey
wrote:
>> http://cgit.freedesktop.org/systemd/systemd/commit/?id=c26547d6127333
>> 71494330e26c7d3604a5dba3d9
>>
>> Please check if that works for you.
>
> It's OK for devices. It won't work for files in general, as Smack
> uses multiple attributes
temd-devel] Patch for Smack labelling support in udev
>
> On Thu, Sep 12, 2013 at 10:13 PM, Kok, Auke-jan H jan.h@intel.com> wrote:
> > On Thu, Sep 12, 2013 at 10:23 AM, Kay Sievers wrote:
> >> On Fri, Aug 9, 2013 at 8:56 PM, Kok, Auke-jan H
> >> wrote:
&
On Thu, Sep 12, 2013 at 10:13 PM, Kok, Auke-jan H
wrote:
> On Thu, Sep 12, 2013 at 10:23 AM, Kay Sievers wrote:
>> On Fri, Aug 9, 2013 at 8:56 PM, Kok, Auke-jan H
>> wrote:
>>> On Wed, Jul 24, 2013 at 3:15 AM, Reshetova, Elena
>>> wrote:
>>
For example, I can set a couple of smack-related
On Thu, Sep 12, 2013 at 10:23 AM, Kay Sievers wrote:
> On Fri, Aug 9, 2013 at 8:56 PM, Kok, Auke-jan H
> wrote:
>> On Wed, Jul 24, 2013 at 3:15 AM, Reshetova, Elena
>> wrote:
>
>>> For example, I can set a couple of smack-related xattrs in one go like
>>> XATTR{security.SMACK64}="*", XATTR{secu
On Thu, Sep 12, 2013 at 10:13 PM, Kok, Auke-jan H
wrote:
> I realize that unsetting/removal is a concern, but I don't think it
> should preclude merging code that is better at setting/adding :^)
Oh, sure it does. We can and should not add generic and possibly
unfinished and only partially workin
On Fri, Aug 9, 2013 at 8:56 PM, Kok, Auke-jan H
wrote:
> On Wed, Jul 24, 2013 at 3:15 AM, Reshetova, Elena
> wrote:
>> For example, I can set a couple of smack-related xattrs in one go like
>> XATTR{security.SMACK64}="*", XATTR{security.SMACK64EXEC}="*".
>> Doesn't make sense from smack point o
er, Casey; walyong@samsung.com
> Subject: Re: [systemd-devel] Patch for Smack labelling support in udev
>
> On Tue, Jul 9, 2013 at 4:34 PM, Reshetova, Elena
> wrote:
>>> -static int node_permissions_apply(struct udev_device *dev, bool
>>> apply, mo
-Original Message-
From: Kay Sievers [mailto:k...@vrfy.org]
Sent: Tuesday, July 16, 2013 10:12 PM
To: Reshetova, Elena
Cc: Lennart Poettering; systemd-devel@lists.freedesktop.org; Ware, Ryan R;
Schaufler, Casey; walyong@samsung.com
Subject: Re: [systemd-devel] Patch for Smack labelling
-Original Message-
From: Kay Sievers [mailto:k...@vrfy.org]
Sent: Tuesday, July 16, 2013 10:12 PM
To: Reshetova, Elena
Cc: Lennart Poettering; systemd-devel@lists.freedesktop.org; Ware, Ryan R;
Schaufler, Casey; walyong@samsung.com
Subject: Re: [systemd-devel] Patch for Smack
On Tue, Jul 9, 2013 at 4:34 PM, Reshetova, Elena
wrote:
>> -static int node_permissions_apply(struct udev_device *dev, bool
>> apply, mode_t mode, uid_t uid, gid_t gid)
>> +static int node_permissions_apply(struct udev_device *dev, bool apply,
>> mode_t mode,
>> +
walyong....@samsung.com
Subject: Re: [systemd-devel] Patch for Smack labelling support in udev
On Tue, Jul 9, 2013 at 3:47 PM, Reshetova, Elena
wrote:
> Does the attached patch look better? I have fixed the sequence of
> xattr processing (now just after uid, gid, mode and etc.) + switched
>
On Tue, Jul 9, 2013 at 3:47 PM, Reshetova, Elena
wrote:
> Does the attached patch look better? I have fixed the sequence of xattr
> processing (now just after uid, gid, mode and etc.) + switched to use a list
> for collecting the xattrs.
> I think it is more generic to allow many xattrs to be set
Smack labelling support in udev
On Wed, Jul 3, 2013 at 1:04 PM, Reshetova, Elena
wrote:
>>Things like:
>> ..., XATTR{foo}="foo", XATTR{bar}="bar"
>>would just eat the entire foo key. That is intentional? We usually
>>have lists for that, or we would not a
On Wed, Jul 3, 2013 at 1:04 PM, Reshetova, Elena
wrote:
>>Things like:
>> ..., XATTR{foo}="foo", XATTR{bar}="bar"
>>would just eat the entire foo key. That is intentional? We usually have lists
>>for that, or we would not allow 2 keys ...
>
> Hm.. Do we want to allow multiple xattr setup on the
-Original Message-
From: Kay Sievers [mailto:k...@vrfy.org]
Sent: Tuesday, June 25, 2013 7:30 PM
To: Reshetova, Elena
Cc: Lennart Poettering; systemd-devel@lists.freedesktop.org; Ware, Ryan R;
Schaufler, Casey; walyong@samsung.com
Subject: Re: [systemd-devel] Patch for Smack labelling
On Tue, Jun 25, 2013 at 5:23 PM, Reshetova, Elena
wrote:
> Here is the draft for the changed patch. Is it along the lines you were
> thinking about?
> Please ignore the small details such as cosmetics and etc. now: I am still
> planning to test it properly and cleanup, but first I want to understa
: [systemd-devel] Patch for Smack labelling support in udev
On Wed, 19.06.13 12:09, Reshetova, Elena (elena.reshet...@intel.com) wrote:
> >>>> This is the patch for review for enabling smack labelling for
> >>>> device
> nodes.
> >>>>
> >>>>
-Original Message-
From: Lennart Poettering [mailto:lenn...@poettering.net]
Sent: Thursday, June 20, 2013 10:08 PM
To: Reshetova, Elena
On Wed, 19.06.13 12:09, Reshetova, Elena (elena.reshet...@intel.com) wrote:
> This is the patch for review for enabling smack labelling for
>
On Wed, 19.06.13 12:09, Reshetova, Elena (elena.reshet...@intel.com) wrote:
> This is the patch for review for enabling smack labelling for device
> nodes.
>
> The functionality and reasoning is inside. I will be happy to answer
> any questions.
> >>>
> >>> So, this needs some
On Tue, Jun 18, 2013 at 4:43 AM, Auke-jan H Kok < auke-jan.h@intel.com >
wrote:
On Mon, Jun 17, 2013 at 9:37 PM, Kyungmin Park wrote:
>> Hi Elena,
>>
>> On Thu, Jun 6, 2013 at 7:10 PM, Lennart Poettering
>>> wrote:
On Wed, 08.05.13 11:16, Reshetova, Elena (elena.reshet...@intel.com)
w
On Mon, Jun 17, 2013 at 9:37 PM, Kyungmin Park wrote:
> Hi Elena,
>
> On Thu, Jun 6, 2013 at 7:10 PM, Lennart Poettering
> wrote:
>> On Wed, 08.05.13 11:16, Reshetova, Elena (elena.reshet...@intel.com) wrote:
>>
>>> Hi,
>>>
>>> This is the patch for review for enabling smack labelling for device
Hi Elena,
On Thu, Jun 6, 2013 at 7:10 PM, Lennart Poettering
wrote:
> On Wed, 08.05.13 11:16, Reshetova, Elena (elena.reshet...@intel.com) wrote:
>
>> Hi,
>>
>> This is the patch for review for enabling smack labelling for device nodes.
>>
>> The functionality and reasoning is inside. I will be h
On Wed, 08.05.13 11:16, Reshetova, Elena (elena.reshet...@intel.com) wrote:
> Hi,
>
> This is the patch for review for enabling smack labelling for device nodes.
>
> The functionality and reasoning is inside. I will be happy to answer any
> questions.
So, this needs some HAVE_SMACK ifdeffery a
-Original Message-
From: Colin Walters [mailto:walt...@verbum.org]
Sent: Wednesday, May 08, 2013 4:14 PM
To: Reshetova, Elena
Cc: systemd-devel@lists.freedesktop.org; Schaufler, Casey; Ware, Ryan R
Subject: Re: [systemd-devel] Patch for Smack labelling support in udev
>On Wed, 2013-05
On Wed, 2013-05-08 at 11:16 +, Reshetova, Elena wrote:
> The functionality and reasoning is inside. I will be happy to answer
> any questions.
Why is this different from how SELinux works? There from what I can
see there's a centralized API to look up the expected label for a given
filename
Hi,
This is the patch for review for enabling smack labelling for device nodes.
The functionality and reasoning is inside. I will be happy to answer any
questions.
Best Regards,
Elena.
0001-Adding-Smack-support-for-udev-nodes-labelling.patch
Description: Binary data
smime.p7s
Desc
26 matches
Mail list logo
