I think os-relesase describes the operating system, not policies.
You are right. Perhaps machine-info would be a better fit than os-release.
To what extent a machine is locked down is a policy choice. There are already
loads of tools available to manage policy so this really doesn't belong
On Wed, Feb 16, 2022 at 2:27 PM Lennart Poettering
wrote:
> On Di, 15.02.22 19:05, Stefan Schröder (ste...@tokonoma.de) wrote:
>
> > Situation:
> >
> > Many packages in a distribution ship with a default configuration
> > that is not considered 'secure'.
>
> Do they? What dos "secure" mean? If th
On 16/02/2022 12:13, Stefan Schröder wrote:
Wouldn't/etc/default/* be the place to look such things up?
I am not sure. Is /etc/default standard across distributions? AFAIK it's Debian specific.
We should be looking to address this issue in a distribution independent way,
shouldn't we?
I'v
On 16/02/2022 17:11, Stefan Schröder wrote:
I must say, I am very sure that the primar focus should always be on
locking things down as well as we can for*everyone* and as
*default*.
Yes, that'd be nice, but I don't think it's realistic. Having an opt-in via the
proposed mechanism, it would
On Mi, 16.02.22 12:13, Dave Howorth (syst...@howorth.org.uk) wrote:
> > This could be used by applications for auditing/logging services
> > downstream of the resolver, or to update the firewall on the system.
>
> Perhaps an example use case would help but I'm not clear how a DNS
> resolution woul
On Mi, 16.02.22 11:45, Michał Rudowicz (michal.rudow...@fl9.eu) wrote:
> Hi,
>
> I am trying to write a .service file for an application which is supposed to
> run indefinitely. The approach I have is:
>
> - if the application crashes (exits with a non-zero exit code), I want
>it to be restar
On Wed, Feb 16, 2022 at 12:37 AM Suraj Krishnan
wrote:
> Hello,
>
>
>
> I’m reaching out to the community to gather feedback about a feature to
> broadcast a d-bus signal notification from systemd-resolved when a DNS
> query is completed. The message would contain information about the query
> an
On Di, 15.02.22 22:37, Suraj Krishnan (sura...@microsoft.com) wrote:
> Hello,
>
> I'm reaching out to the community to gather feedback about a feature
> to broadcast a d-bus signal notification from systemd-resolved when
> a DNS query is completed. The message would contain information
> about the
On Mi, 16.02.22 14:09, Ulrich Windl (ulrich.wi...@rz.uni-regensburg.de) wrote:
> Hi!
>
> I wonder: Is it possible with systemd to detect multiple reboots
> within a specific time interval, and react, like executing some
> systemctl command (that is expected to "improve" things)? With
> "reboots"
> Lennart Poettering hat am 16.02.2022 13:27
> geschrieben:
> Do they? What dos "secure" mean? If there's a security vulnerability,
> maybe talk to the distro about that? They should be interested...
I am not talking about vulnerabilities here. All the major distros maintain
hardening guides.
H
Hi!
I wonder: Is it possible with systemd to detect multiple reboots within a
specific time interval, and react, like executing some systemctl command (that
is expected to "improve" things)?
With "reboots" I'm mainly thinking of unexpected boots, not so much the
"shutdown -r" commands, but thin
>>> "Manuel Wagesreither" schrieb am 16.02.2022 um 13:28
in
Nachricht :
> Hi all,
>
> We'd like to implement a factory reset for an embedded device we are working
> on.
>
> I think the cleanest approach would be a factory‑reset.target which
> WANTS/REQUIRES reboot.target + a factory‑reset.serv
Hi all,
We'd like to implement a factory reset for an embedded device we are working on.
I think the cleanest approach would be a factory-reset.target which
WANTS/REQUIRES reboot.target + a factory-reset.service which wipes the
persistent storage.
The thing is, START of factory-reset.service w
On Tue, 15 Feb 2022 22:37:41 +
Suraj Krishnan wrote:
> Hello,
>
> I'm reaching out to the community to gather feedback about a feature
> to broadcast a d-bus signal notification from systemd-resolved when a
> DNS query is completed. The message would contain information about
> the query and
On Di, 15.02.22 19:05, Stefan Schröder (ste...@tokonoma.de) wrote:
> Situation:
>
> Many packages in a distribution ship with a default configuration
> that is not considered 'secure'.
Do they? What dos "secure" mean? If there's a security vulnerability,
maybe talk to the distro about that? They
Hallo Ulrich, thank you for taking the time to read my proposal.
> Probably because "secure" isn't considered to be "comfortable" by a majority
> of users.
Indeed.
> I think os-relesase describes the operating system, not policies.
You are right. Perhaps machine-info would be a better fit than
Fwiw, the Debian rsyslog package does not have any such dependencies/orderings.
But there is https://github.com/rsyslog/rsyslog-pkg-rhel-centos/issues/72
Hi,
I am trying to write a .service file for an application which is supposed to
run indefinitely. The approach I have is:
- if the application crashes (exits with a non-zero exit code), I want
it to be restarted. This can be achieved easily using the Restart
directive, like Restart=on-fai
>>> Stefan Schröder schrieb am 15.02.2022 um 19:05 in
Nachricht <531595111.79330.1644948301...@webmail.strato.com>:
> Situation:
>
> Many packages in a distribution ship with a default configuration that is
> not considered 'secure'.
Probably because "secure" isn't considered to be "comfortabl
>>> Kenneth Porter schrieb am 15.02.2022 um 18:14 in
Nachricht :
> Given that interfaces can come and go, does network.target imply that
> all possible interfaces are up? Or does it just mean that the
> infrastructure is there for DHCP-capable interfaces to begin searching
> for an address?
I
20 matches
Mail list logo