Age | Commit message (Collapse) | Author | |
---|---|---|---|
2010-08-14 | emacs: make sure nobody accidently adds tabs to our sources | Lennart Poettering | |
2010-08-11 | selinux: split off selinux calls into seperate file label.c | Lennart Poettering | |
2010-08-11 | clang: fix numerous little issues found with clang-analyzer | Lennart Poettering | |
2010-08-09 | manager: when two pending jobs conflict, keep the one that "conflicts", ↵ | Lennart Poettering | |
remove the one that is "conflicted" This gives the writer of units control which unit is kept and which is stopped when two units conflict. | |||
2010-08-06 | automount: order automount units after fsck, too | Lennart Poettering | |
2010-08-03 | Systemd is causing mislabeled devices to be created and then attempting to ↵ | Daniel J Walsh | |
read them. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/28/2010 05:57 AM, Kay Sievers wrote: > On Wed, Jul 28, 2010 at 11:43, Lennart Poettering > <lennart@poettering.net> wrote: >> On Mon, 26.07.10 16:42, Daniel J Walsh (dwalsh@redhat.com) wrote: >>> tcontext=system_u:object_r:device_t:s0 tclass=chr_file >>> type=1400 audit(1280174589.476:7): avc: denied { read } for pid=1 >>> comm="systemd" name="autofs" dev=devtmpfs ino=9482 >>> scontext=system_u:system_r:init_t:s0 >>> tcontext=system_u:object_r:device_t:s0 tclass=chr_file >>> type=1400 audit(1280174589.476:8): avc: denied { read } for pid=1 >>> comm="systemd" name="autofs" dev=devtmpfs ino=9482 >>> scontext=system_u:system_r:init_t:s0 >>> tcontext=system_u:object_r:device_t:s0 tclass=chr_file >>> >>> Lennart, we talked about this earlier. I think this is caused by the >>> modprobe calls to create /dev/autofs. Since udev is not created at the >>> point that init loads the kernel modules, the devices get created with >>> the wrong label. Once udev starts the labels get fixed. >>> >>> I can allow init_t to read device_t chr_files. >> >> Hmm, I think a cleaner fix would be to make systemd relabel this device >> properly before accessing it? Given that this is only one device this >> should not be a problem for us to maintain, I think? How would the >> fixing of the label work? Would we have to spawn restorecon for this, or >> can we actually do this in C without too much work? > > I guess we can just do what udev is doing, and call setfilecon(), with > a context of an earlier matchpathcon(). > > Kay > _______________________________________________ > systemd-devel mailing list > systemd-devel@lists.freedesktop.org > http://lists.freedesktop.org/mailman/listinfo/systemd-devel Here is the updated patch with a fix for the labeling of /dev/autofs -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkxQMyoACgkQrlYvE4MpobNviACfWgxsjW2xzz1qznFex8RVAQHf gIEAmwRmRcLvGqYtwQaZ3WKIg8wmrwNk =pC2e | |||
2010-07-19 | systemctl: introduce reset-maintenance command | Lennart Poettering | |
2010-07-13 | socket: when the socket is supposed to stop, don't accept any connections ↵ | Lennart Poettering | |
anymore | |||
2010-07-12 | mount: add automatic start ordering dependencies for mounts | Lennart Poettering | |
2010-07-10 | mount: add implicit umount.target conflicts only in system mode | Lennart Poettering | |
2010-07-10 | automount: refuse automounts for the root file system | Lennart Poettering | |
2010-07-10 | units: introduce umount.target for unmounting all file systems | Lennart Poettering | |
2010-07-08 | dbus: make errors reported via D-Bus more useful | Lennart Poettering | |
2010-07-03 | unit: simplify things a little by introducing API to add two dependencies in ↵ | Lennart Poettering | |
one step | |||
2010-07-02 | automount: add DirectoryMode= setting | Lennart Poettering | |
2010-07-01 | unit: shorten active state enums to make systemctl output nicer | Lennart Poettering | |
2010-07-01 | unit: add new abstracted maintenance state for units | Lennart Poettering | |
2010-06-19 | unit: get rid of various unnecessary casts | Lennart Poettering | |
2010-06-18 | systemctl: add /dev/initctl fallback | Lennart Poettering | |
2010-06-16 | typo: the correct spelling is maintenance not maintainance | Lennart Poettering | |
2010-05-24 | path: add .path unit type for monitoring files | Lennart Poettering | |
2010-05-22 | kmod: automatically load a few kernel modules we need for normal operation ↵ | Lennart Poettering | |
before udev is active | |||
2010-05-19 | automount: try to modprobe autofs4 if its lacking | Lennart Poettering | |
2010-05-19 | automount: never consider our own mount point a prefix mount of us | Lennart Poettering | |
2010-05-16 | build-sys: move source files to subdirectory | Lennart Poettering | |