On Mon, Oct 27, 2014 at 03:38:37PM +0100, Lennart Poettering wrote:
> On Sat, 11.10.14 21:57, m...@zarb.org (m...@zarb.org) wrote:
>
> > From: Michael Scherer
> >
> > Since apparmor needs to access /proc to communicate with the kernel,
> > any unit setting / as r
On Mon, Oct 27, 2014 at 11:20:53PM +0100, Lennart Poettering wrote:
> On Mon, 27.10.14 20:16, Michael Scherer (m...@zarb.org) wrote:
>
> > On Mon, Oct 27, 2014 at 03:38:37PM +0100, Lennart Poettering wrote:
> > > On Sat, 11.10.14 21:57, m...@zarb.org (m...@zarb.org) wrote
e because CUPS runs as a
> system daemon?
You can start it on demand, using the activation socket system.
See http://0pointer.de/blog/projects/socket-activation2.html
( since that dates back to 2011, there is likely everything already
patched upstream in a
On Friday 21 February 2014 at 03:48 +0100, Lennart Poettering wrote:
> On Thu, 20.02.14 16:19, m...@zarb.org (m...@zarb.org) wrote:
>
> > From: Michael Scherer
> >
> > This permits switching to a specific apparmor profile when starting a
> > daemon. This
> >
f
> socket "label" that could be accessed by the daemon via sd_* APIs to
> distinguish would be useful here?
You can use getsockopt to get some information, and match the port/type
to the appropriate structure.
See https://trac.torproject.org/projects/tor/ticket/8908 for a patch
d
tacted me to get the patches, I said I was ok on
the principle, but from the code point of view, it could have been
refactored ( but I didn't do it yet );
IE having a structure like :
['regexp','name-of-exception','message'], have it exposed in the
configuration an
On Saturday 28 December 2013 at 14:30 +0100, Lennart Poettering wrote:
> On Fri, 27.12.13 23:26, m...@zarb.org (m...@zarb.org) wrote:
>
> > From: Michael Scherer
> >
> > This permits system administrators to decide the domain of a service.
> > This can be use
On Monday 30 December 2013 at 03:14 -0600, David Timothy Strauss wrote:
> On Sat, Dec 28, 2013 at 10:47 AM, Michael Scherer wrote:
> > So using templated units, we could do for example :
> > SELinuxContext=staff_u:staff_r:%s_t:s0-s0:c0.c1023
>
> In the spirit of making iso
On Thursday 02 January 2014 at 11:30 -0500, Daniel J Walsh wrote:
> On 12/28/2013 11:47 AM, Michael Scherer wrote:
> > On Saturday 28 December 2013 at 14:30 +0100, Lennart Poettering wrote:
> >> On Fri, 27.12.13 23:26, m...@zarb.org (m...@zarb.org) wrote:
> >>
On Friday 03 January 2014 at 00:58 +, "Jóhann B. Guðmundsson" wrote:
> On 12/28/2013 01:30 PM, Lennart Poettering wrote:
> > On Fri, 27.12.13 23:26, m...@zarb.org (m...@zarb.org) wrote:
> >
> >> >From: Michael Scherer
> >> >
> >>
On Friday 03 January 2014 at 12:23 +, "Jóhann B. Guðmundsson" wrote:
> On 01/03/2014 10:56 AM, Michael Scherer wrote:
> > On Friday 03 January 2014 at 00:58 +, "Jóhann B. Guðmundsson" wrote:
> >> On 12/28/2013 01:30 PM, Lennart Poet
the capacity of using directly a on disk
> profile, and
> I am not sure on the best way to support that.
I have also been told on irc that Michael Stapelberg wrote the same kind
of patch ( if not the same, given there isn't much possible variation ),
cf https://lists.debian.org/debian-
On Friday 03 January 2014 at 11:48 -0500, Daniel J Walsh wrote:
> On 01/03/2014 09:16 AM, Michael Scherer wrote:
> Well thinking about this again, I think still to the single label. Lets not
> break the field up into multiple labels.
>
> And not make it SELinux specific.
eaning that
> the setting can be ignored should be used.
>
> In general, if selinux=0 is used, or selinux support is not compiled
> in, those options should not result in failure. So the algorithm should
> be: if disabled, ignore, if enab
On Monday 06 January 2014 at 03:20 +0100, Zbigniew Jędrzejewski-Szmek wrote:
> On Fri, Jan 03, 2014 at 05:22:42PM +0100, m...@zarb.org wrote:
> > From: Michael Scherer
> >
> > ---
> > src/shared/apparmor-util.c | 15 +++
> > src/shared/apparmor-u
This series of patches implements a SELinuxContext configuration item,
whose usage is explained in the first mail. This patch series takes into
account the feedback received on
http://lists.freedesktop.org/archives/systemd-devel/2013-December/015875.html
Michael Scherer (3):
Add SELinuxContext
---
src/core/execute.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/execute.c b/src/core/execute.c
index c02c768..474a4af 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -1569,7 +1569,7 @@ int exec_spawn(ExecCommand *command,
This permits system administrators to decide the domain of a service.
This can be used with templated units to have each service in a different
domain ( for example, a per customer database, using MLS or anything ),
or can be used to force a non selinux enabled system (jvm, erlang, etc)
to st
Also remove the call to security_check_context, as this doesn't serve anything,
since setexeccon will fail anyway.
---
man/systemd.exec.xml | 4 +++-
src/core/execute.c | 14 --
2 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
ce, which could be
nice but maybe too much )
--
Michael Scherer
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
e IDLE_TIMEOUT2_USEC (1*USEC_PER_SEC)
> > @@ -1570,6 +1571,16 @@ int exec_spawn(ExecCommand *command,
> > goto fail_child;
> > }
> > }
> > +
> > +if (context->apparmor_profile) {
> > + if (u
This patch implements an option AppArmorProfile to load a specific
profile for a service, following the previous SELinux
patch for SELinuxProfile configuration. It also follows the same
convention of being non-fatal if prefixed by -. I tested it on openSUSE
only for now, and the profile still needs to
This permits switching to a specific apparmor profile when starting a daemon.
This will result in a non operation if apparmor is disabled.
It also adds a new build requirement on libapparmor for using this feature.
---
Makefile.am | 7 +++
configure.ac
On Friday 14 February 2014 at 12:31 +0100, Lennart Poettering wrote:
> On Fri, 14.02.14 12:21, Michael Scherer (m...@zarb.org) wrote:
>
> > This permits switching to a specific apparmor profile when starting a
> > daemon. This
> > will result in a non operation if appa
On Friday 14 February 2014 at 14:05 +0100, Michael Scherer wrote:
> On Friday 14 February 2014 at 12:31 +0100, Lennart Poettering wrote:
> > On Fri, 14.02.14 12:21, Michael Scherer (m...@zarb.org) wrote:
> > > SD_BUS_PROPERTY("SELinuxContext", "s"
This permits hiding the logic of prefixing by '-' from the consumer
of the DBus API, by presenting a boolean and a string rather than just
a raw string, with a specific magic value. See
http://lists.freedesktop.org/archives/systemd-devel/2014-February/016918.html
---
src/core/dbus-execute.c | 21 ++
in python do not seems like a smart move.
I didn't find any way to reuse systemd code, but I think that a tool
like desktop-file-validate would be quite useful for all distributions.
[1] http://lists.fedoraproject.org/pipermail/devel/2013-M
On Saturday 18 May 2013 at 23:50 -0700, David Strauss wrote:
> I'm skipping to the questions I can answer.
>
> On Sat, May 18, 2013 at 2:44 PM, Michael Scherer wrote:
> > - we should avoid as much as possible to use Type=forking when we can
> > avoid it.
> >
>
On Monday 20 May 2013 at 19:58 -0700, T.C. Hollingsworth wrote:
> On Sat, May 18, 2013 at 2:44 PM, Michael Scherer wrote:
> > So I planned to warn if the unit are directly in /lib, but I know there
> > is some distribution that didn't choose this path yet. So when /usr is
>
art a service
or a set of services in an isolated minimal container, and no headache on
upgrade due to bind mounts ( ie, everything uses the same code ). And
this is using systemd.
See https://fedoraproject.org/wiki/Features/Securecontainers and various
others pages on the web.
--
Michael Scherer