Re: [systemd-devel] [ANNOUNCE] systemd v41

2012-02-20 Thread Lennart Poettering
On Sat, 18.02.12 18:55, Colin Guthrie (gm...@colin.guthr.ie) wrote: > 'Twas brillig, and Jan Engelhardt at 09/02/12 03:43 did gyre and gimble: > > On Thursday 2012-02-09 03:44, Lennart Poettering wrote: > > > >> Heya, > >> > >> http://www.freedesktop.org/software/systemd/systemd-41.tar.xz > > >

Re: [systemd-devel] [RFC] link against util-linux for fstab parsing

2012-02-20 Thread Lennart Poettering
On Fri, 17.02.12 16:47, Dave Reisner (d...@falconindy.com) wrote: > Based on the premise that we shouldn't develop a case of NIH, link > against a library whose sole purpose in life is parsing tab files. Hmmm, using the glibc api setmntent() is hardly NIH, is it? I am not strictly against this,

Re: [systemd-devel] [ANNOUNCE] systemd v41

2012-02-20 Thread Santi Béjar
On Mon, Feb 20, 2012 at 3:25 PM, Lennart Poettering wrote: > On Sat, 18.02.12 18:55, Colin Guthrie (gm...@colin.guthr.ie) wrote: > >> 'Twas brillig, and Jan Engelhardt at 09/02/12 03:43 did gyre and gimble: >> > On Thursday 2012-02-09 03:44, Lennart Poettering wrote: >> > >> >> Heya, >> >> >> >> h

Re: [systemd-devel] [RFC] link against util-linux for fstab parsing

2012-02-20 Thread Dave Reisner
On Mon, Feb 20, 2012 at 03:31:01PM +0100, Lennart Poettering wrote: > On Fri, 17.02.12 16:47, Dave Reisner (d...@falconindy.com) wrote: > > > Based on the premise that we shouldn't develop a case of NIH, link > > against a library whose sole purpose in life is parsing tab files. > > Hmmm, using t

Re: [systemd-devel] [ANNOUNCE] systemd v41

2012-02-20 Thread Lennart Poettering
On Mon, 20.02.12 15:47, Santi Béjar (sa...@agolina.net) wrote: > > I think it is a good idea to make git work nicely with a natural flow of > > commits rather than adapt the flow of commits to git log. > > > > Or in short: a new --show-tags switch for git log sounds like an awesome > > solution he

Re: [systemd-devel] [RFC] link against util-linux for fstab parsing

2012-02-20 Thread Lennart Poettering
On Mon, 20.02.12 09:50, Dave Reisner (d...@falconindy.com) wrote: > > On Mon, Feb 20, 2012 at 03:31:01PM +0100, Lennart Poettering wrote: > > On Fri, 17.02.12 16:47, Dave Reisner (d...@falconindy.com) wrote: > > > > > Based on the premise that we shouldn't develop a case of NIH, link > > > again

Re: [systemd-devel] Systemd: daemon listing

2012-02-20 Thread Lennart Poettering
On Wed, 15.02.12 17:33, ayoub ayoub (ayoubb...@gmail.com) wrote: > Hi, > When systemd starts executing, I want to see the list of running services, > one by one, on my console, and which files the service needs (binary, > script..) with details? Booting in debug mode "systemd.log_level=debug

Re: [systemd-devel] Cannot make java exit 0 on SIGTERM

2012-02-20 Thread Lennart Poettering
On Thu, 16.02.12 22:53, mokasin (mok4...@googlemail.com) wrote: > > failure exit codes) > > > > Lennart > > > > It seems also to ignore an exit code due to an error. > > If the service failed to start for an actual reason, wouldn't systemd > fail to recognize it? Yes, we prefixing with "-" ensu

Re: [systemd-devel] Rethinking getty and fast user switching

2012-02-20 Thread Lennart Poettering
On Fri, 17.02.12 16:00, Colin Guthrie (gm...@colin.guthr.ie) wrote: > If you have your system setup for a server without a graphical display, > you expect all (well 1 through 6 anyway) ttys to be text logins. I think > this is uncontroversial. > > Currently, if you have a graphical system, then t

Re: [systemd-devel] [PATCH 1/2] systemd: mount the securityfs filesystem at early stage

2012-02-20 Thread Lennart Poettering
On Wed, 15.02.12 14:23, Roberto Sassu (roberto.sa...@polito.it) wrote: > The mount of the securityfs filesystem is now performed in the main systemd > executable as it is used by IMA to provide the interface for loading custom > policies. The unit file 'units/sys-kernel-security.mount' has been re

Re: [systemd-devel] [PATCH 2/2] main: added support for loading IMA custom policies

2012-02-20 Thread Lennart Poettering
On Wed, 15.02.12 14:23, Roberto Sassu (roberto.sa...@polito.it) wrote: > The new function ima_setup() loads an IMA custom policy from a file in the > default location '/etc/sysconfig/ima-policy', if present, and writes it to > the path 'ima/policy' in the security filesystem. This function is exec

Re: [systemd-devel] [PATCH 2/2] main: added support for loading IMA custom policies

2012-02-20 Thread Lennart Poettering
On Wed, 15.02.12 17:26, Roberto Sassu (roberto.sa...@polito.it) wrote: > > On 02/15/2012 03:30 PM, Gustavo Sverzut Barbieri wrote: > >On Wed, Feb 15, 2012 at 11:23 AM, Roberto Sassu > >wrote: > >>The new function ima_setup() loads an IMA custom policy from a file in the > >>default location '/e

Re: [systemd-devel] [PATCH 2/2] main: added support for loading IMA custom policies

2012-02-20 Thread Lennart Poettering
On Wed, 15.02.12 18:12, Roberto Sassu (roberto.sa...@polito.it) wrote: > The location of the policy file is not IMA dependent. I chose that > because it seemed to me the right place where to put this file. > So, I can easily modify the location to be distribution independent > but I don't know wh

Re: [systemd-devel] [Linux-ima-user] [PATCH 2/2] main: added support for loading IMA custom policies

2012-02-20 Thread Lennart Poettering
On Thu, 16.02.12 15:56, Michael Cassaniti (m.cassan...@gmail.com) wrote: > Also, I certainly have no such things in my system and see no point in > calling ima_setup() on it. Or even compiling the source file in such > case. > > >>>Ok. I can enclose the code in ima-setup.c within

Re: [systemd-devel] [Linux-ima-user] [PATCH 2/2] main: added support for loading IMA custom policies

2012-02-20 Thread Lennart Poettering
On Thu, 16.02.12 12:30, Gustavo Sverzut Barbieri (barbi...@profusion.mobi) wrote: > > Since the policy loading can be implemented in different ways depending > > on the init system (systemd, upstart, ...), a user must identify the > > components to be measured for each case. Instead, if the IMA

Re: [systemd-devel] [Linux-ima-user] [PATCH 2/2] main: added support for loading IMA custom policies

2012-02-20 Thread Lennart Poettering
On Thu, 16.02.12 19:50, Gustavo Sverzut Barbieri (barbi...@profusion.mobi) wrote: > >> Then I wonder: why not make an ima-init binary that: > >>   - does ima_setup() > >>   - exec systemd || upstart || ... > >> > >> this way you only have to audit this very small file and not systemd > >> itself,

Re: [systemd-devel] [Linux-ima-user] [PATCH 2/2] main: added support for loading IMA custom policies

2012-02-20 Thread Lennart Poettering
On Thu, 16.02.12 15:40, Tomasz Torcz (to...@pipebreaker.pl) wrote: > > On Thu, Feb 16, 2012 at 12:30:31PM -0200, Gustavo Sverzut Barbieri wrote: > > On Thu, Feb 16, 2012 at 11:38 AM, Roberto Sassu > > wrote: > > > the reason for which the loading of IMA policies has been placed in > > > the mai

[systemd-devel] [PATCH 0/3] make the service property StartLimitAction writeable

2012-02-20 Thread Michael Olbrich
Hi, this patch series makes the service property StartLimitAction writeable. The first two patches are preparation to make it possible. The third patch actually implements this. Why this is useful: Consider a service with rather strict watchdog settings. StartLimitAction=reboot-force and low StartLi

[systemd-devel] [PATCH 2/3] dbus: add generic DEFINE_BUS_PROPERTY_SET_ENUM() macro for enum properties

2012-02-20 Thread Michael Olbrich
The defined function can be used as BusPropertySetCallback. --- src/dbus-common.h | 15 +++ 1 files changed, 15 insertions(+), 0 deletions(-) diff --git a/src/dbus-common.h b/src/dbus-common.h index 1dc0f59..892d129 100644 --- a/src/dbus-common.h +++ b/src/dbus-common.h @@ -160,6 +1

[systemd-devel] [PATCH 3/3] dbus: make the service property StartLimitAction writeable

2012-02-20 Thread Michael Olbrich
--- src/dbus-service.c |5 +++-- 1 files changed, 3 insertions(+), 2 deletions(-) diff --git a/src/dbus-service.c b/src/dbus-service.c index 7809164..d840415 100644 --- a/src/dbus-service.c +++ b/src/dbus-service.c @@ -48,7 +48,7 @@ " \n" \ " \n" \ " \n" \ -

[systemd-devel] [PATCH 1/3] dbus: add data argument to BusPropertySetCallback

2012-02-20 Thread Michael Olbrich
BusPropertyCallback already has the argument. It is necessary for the callback to know what data to access. --- src/dbus-common.c |6 +- src/dbus-common.h |2 +- src/dbus-manager.c |4 ++-- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/src/dbus-common.c b/src/dbus

[systemd-devel] StartLimitAction=none and Watchdog

2012-02-20 Thread Michael Olbrich
Hi, I noticed a problem with the current watchdog code. When the watchdog for a service triggers then the service is stopped with service_enter_dead(). Then the restart logic takes over and restarts the service. However, if the rate limit is exceeded and StartLimitAction=none, then the service jus

Re: [systemd-devel] Rethinking getty and fast user switching

2012-02-20 Thread Dax Kelson
On Mon, 2012-02-20 at 17:54 +0100, Lennart Poettering wrote: > What is currently implemented is more like this: > > 1. On systems with graphical login: tty1 is always the DM > > 2. On systems without graphical login: tty1 is always a getty Is this the case even for the first boot after install?

Re: [systemd-devel] [PATCH 1/2] systemd: mount the securityfs filesystem at early stage

2012-02-20 Thread Roberto Sassu
On 02/20/2012 06:04 PM, Lennart Poettering wrote: On Wed, 15.02.12 14:23, Roberto Sassu (roberto.sa...@polito.it) wrote: The mount of the securityfs filesystem is now performed in the main systemd executable as it is used by IMA to provide the interface for loading custom policies. The unit fil

Re: [systemd-devel] Rethinking getty and fast user switching

2012-02-20 Thread Lennart Poettering
On Mon, 20.02.12 10:57, Dax Kelson (dkel...@gurulabs.com) wrote: > > On Mon, 2012-02-20 at 17:54 +0100, Lennart Poettering wrote: > > > What is currently implemented is more like this: > > > > 1. On systems with graphical login: tty1 is always the DM > > > > 2. On systems without graphical log

Re: [systemd-devel] [PATCH 2/2] main: added support for loading IMA custom policies

2012-02-20 Thread Roberto Sassu
On 02/20/2012 06:12 PM, Lennart Poettering wrote: On Wed, 15.02.12 14:23, Roberto Sassu (roberto.sa...@polito.it) wrote: The new function ima_setup() loads an IMA custom policy from a file in the default location '/etc/sysconfig/ima-policy', if present, and writes it to the path 'ima/policy' in

Re: [systemd-devel] Rethinking getty and fast user switching

2012-02-20 Thread Colin Guthrie
'Twas brillig, and Lennart Poettering at 20/02/12 16:54 did gyre and gimble: > On Fri, 17.02.12 16:00, Colin Guthrie (gm...@colin.guthr.ie) wrote: > >> If you have your system setup for a server without a graphical display, >> you expect all (well 1 through 6 anyway) ttys to be text logins. I thin

Re: [systemd-devel] [PATCH 2/2] main: added support for loading IMA custom policies

2012-02-20 Thread Roberto Sassu
On 02/20/2012 06:14 PM, Lennart Poettering wrote: On Wed, 15.02.12 18:12, Roberto Sassu (roberto.sa...@polito.it) wrote: The location of the policy file is not IMA dependent. I chose that because it seemed to me the right place where to put this file. So, I can easily modify the location to be

Re: [systemd-devel] Rethinking getty and fast user switching

2012-02-20 Thread Lennart Poettering
On Mon, 20.02.12 18:28, Colin Guthrie (gm...@colin.guthr.ie) wrote: > > 3. On boot, on both kinds of systems: All ttys != tty1 are unallocated > > OK, not quite what I get here - getty's are not fully hotplugged I > guess, but all the same, but I accept this is the most sensible setup > and I'll

Re: [systemd-devel] [PATCH 2/2] main: added support for loading IMA custom policies

2012-02-20 Thread Lennart Poettering
On Mon, 20.02.12 19:23, Roberto Sassu (roberto.sa...@polito.it) wrote: > >>+ log_error("mmap() failed (%s), freezing", strerror(errno)); > >>+ result = -errno; > >>+ goto out; > >>+ } > >>+ > >>+ while(written< policy_size) { > >>+

Re: [systemd-devel] [PATCH 2/2] main: added support for loading IMA custom policies

2012-02-20 Thread Lennart Poettering
On Mon, 20.02.12 19:36, Roberto Sassu (roberto.sa...@polito.it) wrote: > > On 02/20/2012 06:14 PM, Lennart Poettering wrote: > >On Wed, 15.02.12 18:12, Roberto Sassu (roberto.sa...@polito.it) wrote: > > > >>The location of the policy file is not IMA dependent. I chose that > >>because it seemed t

Re: [systemd-devel] [Linux-ima-user] [PATCH 2/2] main: added support for loading IMA custom policies

2012-02-20 Thread Roberto Sassu
On 02/20/2012 06:24 PM, Lennart Poettering wrote: On Thu, 16.02.12 19:50, Gustavo Sverzut Barbieri (barbi...@profusion.mobi) wrote: Then I wonder: why not make an ima-init binary that: - does ima_setup() - exec systemd || upstart || ... this way you only have to audit this very small fi

Re: [systemd-devel] [PATCH 2/2] main: added support for loading IMA custom policies

2012-02-20 Thread Roberto Sassu
On 02/20/2012 07:52 PM, Lennart Poettering wrote: On Mon, 20.02.12 19:23, Roberto Sassu (roberto.sa...@polito.it) wrote: + log_error("mmap() failed (%s), freezing", strerror(errno)); + result = -errno; + goto out; + } + + while(written< po

Re: [systemd-devel] [Linux-ima-user] [PATCH 2/2] main: added support for loading IMA custom policies

2012-02-20 Thread Lennart Poettering
On Mon, 20.02.12 20:06, Roberto Sassu (roberto.sa...@polito.it) wrote: > >We moved SELinux loading out of the initrd into systemd, in order to > >support fully featured initrd-less boots. I don't think we should reopen > >this problem set by having IMA in the initrd. I believe IMA should be > >tre

Re: [systemd-devel] [PATCH] Re: Requires too weak, BindTo too strong

2012-02-20 Thread Warpme
On 2/19/12 9:35 PM, David Ward wrote: On 01/02/12 19:07, Lennart Poettering wrote: On Wed, 01.02.12 18:54, Chris Paulson-Ellis (ch...@edesix.com) wrote: Is there some way to get the client to always restart when server restarts, for whatever reason? No, there isn't. But what you describe is s

Re: [systemd-devel] Rethinking getty and fast user switching

2012-02-20 Thread Jan Engelhardt
On Monday 2012-02-20 18:57, Dax Kelson wrote: >On Mon, 2012-02-20 at 17:54 +0100, Lennart Poettering wrote: > >> What is currently implemented is more like this: >> >> 1. On systems with graphical login: tty1 is always the DM >> >> 2. On systems without graphical login: tty1 is always a getty >

Re: [systemd-devel] systemd39: journald segfault brings down some user services

2012-02-20 Thread Olav Vitters
On Thu, Feb 09, 2012 at 08:12:55PM +0100, Lennart Poettering wrote: > Now, of course, the journal shouldn't crash in the first place. This bug > is still something to fix, but so far nobody managed to get me a bt of > this. If the journal itself crashes a coredump will be placed in > /var/lib/syste