0 -a $RPM -eq 1 ] ; then
# Only use good results for rpms
r="$r\n$tmp_r"
else
r="$r\n$tgt"
fi
done
echo -e $r | sort | uniq
exit 0
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
On Wednesday 18 November 2009 04:45:05 pm James Antill wrote:
> On Wed, 2009-11-18 at 16:04 -0500, Steve Grubb wrote:
> > > The problem is the *Default* not the fact that you can consciously
> > > allow users to update without a password.
> >
> > And I wonder wha
s to update without a password.
And I wonder what the audit trail will show? Does it show which user installed
these packages?
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
here.
> --
> Jes
> --
> fedora-devel-list mailing list
> fedora-devel-list@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-devel-list
>
--
Steve Traylen
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
age basis.
>
>
>
> --
> fedora-devel-list mailing list
> fedora-devel-list@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-devel-list
>
--
Steve Traylen
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
missing something here but if the architecture matters it's not a
a noarch package by definition.
> --
> fedora-devel-list mailing list
> fedora-devel-list@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-devel-list
>
--
Steve Traylen
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
On Wed, Nov 4, 2009 at 4:43 PM, Rudolf Kastl wrote:
> 2009/11/4 Steve Traylen :
>> On Wed, Nov 4, 2009 at 4:33 PM, Rudolf Kastl wrote:
>>> 2009/11/4 Steve Traylen :
>>>> On Wed, Nov 4, 2009 at 4:11 PM, Rudolf Kastl wrote:
>>>>> 2009/11/4 Jason L Tib
On Wed, Nov 4, 2009 at 4:33 PM, Rudolf Kastl wrote:
> 2009/11/4 Steve Traylen :
>> On Wed, Nov 4, 2009 at 4:11 PM, Rudolf Kastl wrote:
>>> 2009/11/4 Jason L Tibbitts III :
>>>>>>>>> "ST" == Steve Traylen writes:
>>>>
>&
On Wed, Nov 4, 2009 at 4:11 PM, Rudolf Kastl wrote:
> 2009/11/4 Jason L Tibbitts III :
>>>>>>> "ST" == Steve Traylen writes:
>>
>> ST> Would be happy for an alternatives solution. I have yet another
>> ST> /usr/bin/qstat for a POSIX inter
urrent list of conflicting packages, proposing
> solutions, and working with FESCo in the case that those solutions are
> not applied.
>
> - J<
>
> --
> fedora-devel-list mailing list
> fedora-devel-list@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-devel-lis
On 11/02/2009 03:02 PM, Jesse Keating wrote:
> On Mon, 2009-11-02 at 14:23 -0500, Steve Dickson wrote:
>> I'm not sure about this... Actually I like the fact we can define a
>> pseudo root other than '/'... which means you really want a live exported
>> directo
On 10/26/2009 10:34 AM, Steve Dickson wrote:
> [With the next nfs-utils rawhide build, I will be flipping the ]
> [switch that will cause all NFS client mounts to try NFS v4 first ]
> [At the bottom of this email has the workarounds if this change does ]
> [indeed cause pain ]
>
&
On 11/02/2009 10:41 AM, Doug Ledford wrote:
> On 10/29/2009 11:17 AM, Steve Dickson wrote:
>>
>>
>> On 10/28/2009 03:05 PM, Roland McGrath wrote:
>>> It sounds like you are saying that there is no way to export the same
>>> host filesystems with the same
On 10/29/2009 11:17 AM, Gregory Maxwell wrote:
> On Mon, Oct 26, 2009 at 1:13 PM, Steve Dickson wrote:
>> On a pre F-12 Server:
>> 2) Added the '/ *(ro,fsid=0)' entry to the /etc/exportsfile and
>> reset the exports with 'exportfs -arv' (see expor
On 10/28/2009 03:05 PM, Roland McGrath wrote:
> It sounds like you are saying that there is no way to export the same
> host filesystems with the same client-perceived names under v4 as was
> being done before under v[23]. Is that really true?
With Pre-F12 servers... Yeah...
The V4 protocol re
On 10/28/2009 06:42 PM, Ray Van Dolson wrote:
>>> If, for whatever reason, I need to export a file system that doesn't
>>> live in /export, would I still be able to mount it?
>> With the '/ *(ro,fsid=0)' entry, Yes, you would be able to mount other
>> exported directories..
>>
>> With the '/exp
On 10/27/2009 05:06 PM, Jason L Tibbitts III wrote:
>>>>>> "SD" == Steve Dickson writes:
>
> SD> On the server (Which is suggested): Add the following entry to the
> SD> /etc/exports file:
>
> SD> / *(ro,fsid=0)
>
> SD> Note:
On 10/26/2009 04:06 PM, Frank Ch. Eigler wrote:
> Steve Dickson writes:
>
>> [...]
>>> Unfortunately, this sounds like "only". Is it out of the question to
>>> make the client look for this case (an upgraded client in an existing
>>> unupgrade
On 10/27/2009 02:33 PM, Roland McGrath wrote:
>> But with with older releases I don't messing with people configuration
>> files since I would not want to break an existing configuration...
>
> Still never suggested that.
>
>> Note, there is a number of people who are currently running with
On 10/26/2009 02:11 PM, Roland McGrath wrote:
>> That is one of the valid options, but I would think it would better if
>> the server owner did that tweak, than an nfs-utils update, no?
>
> I'm not suggesting that you do an update that just tweaks config files in
> %post or anything like that.
On 10/26/2009 01:40 PM, Roland McGrath wrote:
> At the least, there ought to be an F-11 update of whatever server-side
> stuff needs to change (in the minimal way not touching non-v4 uses) to
> make v4 exports work without temporary configuration hacks. IMHO if you
> can't do anything better, you
On 10/26/2009 01:34 PM, Frank Ch. Eigler wrote:
> Steve Dickson writes:
>
>> On 10/26/2009 12:06 PM, Frank Ch. Eigler wrote:
>>> Is this really "first" or rather "only"? Was there a conclusion about
>>> whether the nfs client code would be ch
On 10/26/2009 12:39 PM, Tom Lane wrote:
> Steve Dickson writes:
>> Because the mount command will try NFS v4 first, mounts to older Linux
>> servers
>> will start failing like:
>
> What happens with a mount to a UDP-only server? (or actually /net
> automount is wh
On 10/26/2009 12:06 PM, Frank Ch. Eigler wrote:
> Steve Dickson writes:
>
>> [With the next nfs-utils rawhide build, I will be flipping the ]
>> [switch that will cause all NFS client mounts to try NFS v4 first ]
>> [...]
>
> Is this really "first" o
[With the next nfs-utils rawhide build, I will be flipping the ]
[switch that will cause all NFS client mounts to try NFS v4 first ]
[At the bottom of this email has the workarounds if this change does ]
[indeed cause pain ]
As part of the https://fedoraproject.org/wiki/Features/NFSv4Default featu
On 10/24/2009 02:15 PM, Mike Chambers wrote:
> I mirror rawhide on a F11 box, that I normally nfs mount from a rawhide
> running system. Tried to do an nfs based install from rawhide 2 days
> ago and it failed, but installing via http from outside source (I don't
> have http setup on the box) work
On 10/13/2009 09:56 AM, Christopher Aillon wrote:
>
> Not everyone had issues with the indexing so that seemed to slip past
> testing. It was a change, but didn't seem to disrupt things, so we let
> it slide.
Not to pile on, believe me I know painful change is... 8-) but...
This new indexing is
On Wednesday 07 October 2009 06:16:50 pm Matthias Clasen wrote:
> On Wed, 2009-10-07 at 17:11 -0400, Steve Grubb wrote:
> > On Friday 02 October 2009 01:56:21 pm Jon Stanley wrote:
> > > Meeting summary
> > > ---
> > > * incomplete features (jds20
-devel and apply the attached patch.
Thanks,
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
st} = http://bugzilla.redhat.com/
package%{name} = bacula
--> %{bugreporthost}/%{name}
--> http://bugzilla.redhat.com/bacula
+1 on this.
cheers,
- steve
--
random non tech spiel: http://lonetwin.blogspot.com/
tech randomness: http://lonehacks.blogspot.com/
what i'm
much about the PolicyKit framework itself, but little that i
know, had me believing that PolicyKit is more of a Gnome (or rather a
freedesktop thing). In any case, an introduction/doc of the /current/ state of
PolicyKit too would help.
cherrs,
- steve
[1] http://www.draisberghof.de/usb_
On 10/02/2009 02:13 PM, Valent Turkovic wrote:
> Hi,
> I'm building custom Fedora remix with some packages from RPMFusion and
> updated Fedora packages. Last Live USB image I created booted really slow
> (over 5 minutes). I tracked down the issue to nfs service. Even when this
> ISO image is used
ked, they still have not specified an audit facility. They
have one for syslog, but not audit. And yes this matters.
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
On 10/01/2009 05:34 AM, Matej Cepl wrote:
> Steve Dickson, Wed, 30 Sep 2009 15:41:51 -0400:
>> Maybe removing the "Final Development" part and replace it with
>> something like "Beta Freeze (Bug Fixes ONLY)" might have helped.
>
> Well my problem with
On 09/30/2009 03:18 PM, Bill Nottingham wrote:
> Steve Dickson (ste...@redhat.com) said:
>> Right or wrong.. I took "Final Feature Freeze" as the last chance
>> of getting a feature into F12.. And I will be the first to admit I
>> do not read all the rule and re
On 09/30/2009 01:47 PM, Paul W. Frields wrote:
> On Wed, Sep 30, 2009 at 01:11:56PM -0400, Steve Dickson wrote:
>> After further review... by a number of people, its been decided
>> the /etc/nfsmount.conf file will be installed with the default
>> protocol version set to v
After further review... by a number of people, its been decided
the /etc/nfsmount.conf file will be installed with the default
protocol version set to v3. This will stop the mount failures
with older Linux servers but make it very easy to make v4
the default version. A nice compromise, IMHO...
On 09/30/2009 11:07 AM, Howard Wilkinson wrote:
With version 4 there is this concept of a pseudo root. Which meanings
one can define, through exports, what the root of an export
can be. Which is a good idea because you can define /export as
the root, and nothing above /export ca
On 09/30/2009 09:59 AM, Gregory Maxwell wrote:
> On Tue, Sep 29, 2009 at 9:42 PM, Chris Adams wrote:
>> Once upon a time, Steve Dickson said:
>>> On the server (Which is suggested):
>>>* Add the following entry to the /etc/exports file:
>>> / *(ro,fs
On 09/30/2009 07:05 AM, Andrew Haley wrote:
>>> I can't see how it would cause a mount storm: all you'd be doing is
>>> issuing a mount request twice, once in each protocol.
>> Times 1000 very 5 seconds...
>
> So 2000 every 5 seconds as opposed to 1000 every 5 seconds. This is
> surely better
On 09/30/2009 07:22 AM, Howard Wilkinson wrote:
> Steve,
>
> just for clarity what you are actually saying is that.
> On Tue, 2009-09-29 at 22:45 -0400, Steve Dickson wrote:
>> On 09/29/2009 09:42 PM, Chris Adams wrote:
>>> Once upon a time, Steve Dickson said:
&
On 09/30/2009 06:18 AM, Andrew Haley wrote:
> Steve Dickson wrote:
>>
>> On 09/30/2009 04:53 AM, Andrew Haley wrote:
>>> Steve Dickson wrote:
>>>> On 09/29/2009 10:10 PM, Jeremy Katz wrote:
>>>>> On Tue, Sep 29, 2009 at 8:15 PM, Steve Dickso
On 09/30/2009 04:53 AM, Andrew Haley wrote:
> Steve Dickson wrote:
>> On 09/29/2009 10:10 PM, Jeremy Katz wrote:
>>> On Tue, Sep 29, 2009 at 8:15 PM, Steve Dickson wrote:
>>>>> My main concern is with installer, installing from NFS shares from older
>>>
On 09/29/2009 10:10 PM, Jeremy Katz wrote:
> On Tue, Sep 29, 2009 at 8:15 PM, Steve Dickson wrote:
>>> My main concern is with installer, installing from NFS shares from older
>>> servers, say RHEL5. How will anaconda handle mounting? Will there be
>>> odd error
On 09/29/2009 09:21 PM, Toshio Kuratomi wrote:
> One thing I think is unclear this cycle is the usage of the word "Beta".
> It's been said many times that beta is not really beta but actually
> final freeze. For instance: "If all goes as planned the Beta
> (previously known as "Final Development"
On 09/29/2009 09:42 PM, Chris Adams wrote:
> Once upon a time, Steve Dickson said:
>> On the server (Which is suggested):
>>* Add the following entry to the /etc/exports file:
>> / *(ro,fsid=0) Note: 'fsid=0' is explained in the exports(5) man pages.
>
On 09/29/2009 08:17 PM, John Poelstra wrote:
>>> [...snip...]
>>>
>>> I want to be perfectly clear that I'm not sounding an "all clear" on
>>> this by any means. If your answer here means that this change hasn't
>>> been thoroughly tested, you're going to have a hard time convincing
>>> anyone tha
On 09/29/2009 07:52 PM, Mike McGrath wrote:
>> By no means did I interpret that at all... but here lies the
>> problem... I had no idea I would have to convenience *anybody*
>> of *anything* because I thought I made the dead line... again all
>> following was the schedule in:
>>
>> http:/
On 09/29/2009 07:29 PM, Jesse Keating wrote:
> On Tue, 2009-09-29 at 19:16 -0400, Paul W. Frields wrote:
>>>> I think that what we need, Steve, is some sort of information
>> about
>>>> what testing has happened up to this point that satisfies FESCo
>>
On 09/29/2009 07:16 PM, Paul W. Frields wrote:
> On Tue, Sep 29, 2009 at 07:12:03PM -0400, Steve Dickson wrote:
>> On 09/29/2009 06:55 PM, Paul W. Frields wrote:
>>> On Tue, Sep 29, 2009 at 06:21:35PM -0400, Steve Dickson wrote:
>>>>
>>>>
>>>>
On 09/29/2009 06:55 PM, Paul W. Frields wrote:
> On Tue, Sep 29, 2009 at 06:21:35PM -0400, Steve Dickson wrote:
>>
>>
>> On 09/29/2009 06:13 PM, Jesse Keating wrote:
>>> On Tue, 2009-09-29 at 17:52 -0400, Steve Dickson wrote:
>>>> I thought today was t
On 09/29/2009 06:13 PM, Jesse Keating wrote:
> On Tue, 2009-09-29 at 17:52 -0400, Steve Dickson wrote:
>> I thought today was the dead line...
>>
>> http://www.linux-archive.org/fedora-development/372823-all-features-need-100-beta-freeze-2009-09-29-a.html
>>
>
&
On 09/29/2009 05:43 PM, Jesse Keating wrote:
> On Tue, 2009-09-29 at 17:33 -0400, Steve Dickson wrote:
>> Buyer Beware: A Major Change in NFS is about to happen
>
> Which means you're about a month too late in making it for Fedora 12.
> Please reconsider making this
Hello,
As part of the https://fedoraproject.org/wiki/Features/NFSv4Default feature
I am one commit away from changing the default protocol version NFS will
be using (or at least trying to use).
What does this means to you? Hopefully nothing! In theory this should
be a very seamless transition b
On Saturday 19 September 2009 07:25:13 pm Matej Cepl wrote:
> Steve Grubb, Fri, 18 Sep 2009 08:24:18 -0400:
> > I also think that the reason xinetd came into existence in the first
> > place has long since passed.
>
> Do you think that Fedora should humbly return with a cap i
On Friday 18 September 2009 12:39:57 pm Tomasz Torcz wrote:
> On Fri, Sep 18, 2009 at 12:03:05PM -0400, Steve Grubb wrote:
> > On Thursday 17 September 2009 05:29:02 pm Steve Grubb wrote:
> > > If selinux is not disabled and it does not become permissive or
> > > enfor
On Thursday 17 September 2009 05:29:02 pm Steve Grubb wrote:
> If selinux is not disabled and it does not become permissive or enforcing,
> it has to get logged and optionally shutdown the system.
>
> Aside from no logging, any ideas why selinux no longer works?
A few minutes ago,
t; permissive mode.
> >
> > And if chroot fails, we need to handle it.
>
> This will probably crash anyways
In the code I looked at, only if it returned 3...
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
so it can be debugged.
> Load_policy will exit with 0 on success or 2 on failure and SELinux in
> permissive mode.
And if chroot fails, we need to handle it.
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
On Friday 18 September 2009 08:34:03 am Ralf Ertzinger wrote:
> Hi.
>
> On Fri, 18 Sep 2009 08:24:18 -0400, Steve Grubb wrote:
> > I also think that the reason xinetd came into existence in the first
> > place has long since passed. The original intent was to save memory
>
reduced. They want a
smaller, leaner xinetd.
Good Luck...
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
gain.
relabeling is totally different than the system not having it enabled at all
when its supposed to.
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
et = 3. What if the return code was 1
indicating a failure? How do you look at what's supposed to be in the initrd
to see if something is wrong inside it?
I opened a bz 524113 for this. But I'm surprised this wasn't mentioned on the
list before. :)
-Steve
--
fedora-devel-
s not become permissive or enforcing, it
has to get logged and optionally shutdown the system.
Aside from no logging, any ideas why selinux no longer works?
Thanks,
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
running as root. Iptables
is needed to block this access.
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
t the build instructions for clang, it seems like
it would naturally fit as a subpackage for llvm. So, getting it into Fedora
should not be too much to do since llvm is already approved.
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
On Friday 21 August 2009 04:34:24 pm Aurelien Bompard wrote:
> - ulogd -- The userspace logging daemon for netfilter
I'm taking this one.
Thanks,
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
On Monday 10 August 2009 12:32:10 pm Steve Grubb wrote:
> I wanted to let everyone know that I will be pushing audit-2.0 into rawhide
> in the next day or two. It will change the version number of libaudit. The
> following packages are known to have dependencies on audit-libs:
Jus
On Wednesday 19 August 2009 08:40:52 am Rawhide Report wrote:
> Compose started at Wed Aug 19 06:15:07 UTC 2009
>
> New package
Does this large list mean that the Alpha freeze is lifted?
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.co
On Friday 14 August 2009 06:05:06 pm Serge E. Hallyn wrote:
> Quoting Steve Grubb (sgr...@redhat.com):
> > On Sunday 26 July 2009 07:32:36 pm Steve Grubb wrote:
> > A sample srpm can be found here for anyone wanting to try it out before
> > alpha is unfrozen.
> >
&
uction in scope - other than what I have time to actually
work on. If I can fix dhcp, that is a major win. That is the item that stands
out as the biggest problem when running netcap.
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listin
On Sunday 26 July 2009 07:32:36 pm Steve Grubb wrote:
> What can be done is that we program the application to drop some of the
> capabilities so that its not all powerful. There's just one flaw in this
> plan. The directory for /bin is 0755 root root. So, even if we drop all
>
On Monday 10 August 2009 02:02:47 pm Jason L Tibbitts III wrote:
> >>>>> "SG" == Steve Grubb writes:
>
> SG> It would have been in before feature freeze if sc-audit hadn't
> SG> gotten stuck in package review.
>
> A couple of points here, sin
se the _data equivalent function and use the audit_rule_data structure to
hold your rules.
The gain is that we want to clean up/deprecate the old kernel API somewhere
around 2.6.36 and need user space to quit using it asap.
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
ht
es this a very real
> possibility.
OK, fine. I'll wait until after the Alpha freeze is over.
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
rather me
not touch your package, just let me know.
Thanks,
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
package. I think the definitions could be created by a script, but will take
some time to generate. Maybe adding a generator for people not connected would
let them recreate the content?
But a 800Mb package is bigger than the livecd.
-Steve
--
fedora-devel-list mailing list
fedora-d
> > allowed to do.
>
> This has little to do with what Steve is trying to do.
Right. All I am doing at this point is going over the daemons running as root
and patching them to lower their capabilities. With libcap-ng, its generally
2-3 lines of code.
As for directory perms...I
ch processes (sshd, login, ...) would fail.
There is also the argument that what we've been teaching people for years is
that SE Linux strips away privileges and doesn't grant them. Changing the
model would be somewhat confusing.
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
On Monday 27 July 2009 09:11:33 am Serge E. Hallyn wrote:
> Quoting Steve Grubb (sgr...@redhat.com):
> > On Sunday 26 July 2009 08:54:26 pm Steve Grubb wrote:
> > > > I trust you meant to write 0555?
> > >
> > > No, I really mean 005 so that root daemons are
On Sunday 26 July 2009 09:01:14 pm Tom Lane wrote:
> 0005 is certainly not meaningfully more secure than 0555.
There are some secrets in files that semi-trusted root apps should not have
access to.
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.
On Sunday 26 July 2009 08:54:26 pm Steve Grubb wrote:
> > I trust you meant to write 0555?
>
> No, I really mean 005 so that root daemons are using public permissions.
> Admins of course have DAC_OVERRIDE and can do anything. Try the script in a
> VM and tell me if there are an
On Sunday 26 July 2009 08:38:45 pm Tom Lane wrote:
> Steve Grubb writes:
> > The directory for /bin is 0755 root root. So, even if we drop all
> > capabilities, the root acct can still trojan a system.
> >
> > If we change the bin directory to 005, then root cannot
ve on a VM before posting so that you can
assure yourself that everything still works. :)
Thanks,
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
n't think I explained it well. I was thinking what if you had this rule:
-A INPUT -Z cups_t -j ACCEPT
and then cups was compromised and started listening on port 80. Since the
above rule has no port restrictions and cups is allowed to accept connections,
would cups now be able to start serving web pages?
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
ose ports and allow traffic.
> 2- Monitors as new daemons/applications that listen on non lo interfaces
> are started, checks if iptables is currently blocking them, and if so,
> warns the user that application X is currently blocked by the firewall
This part I like.
-Steve
--
fedor
need to log AVCs.
I would recommend leaving IPTables as is. Its working great at what its
designed to do.
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
f
There are more examples like this.
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
found here:
http://people.redhat.com/sgrubb/libcap-ng/
I'll be setting up a Fedora 12 project in the next few days to drop privs
everywhere.
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
On Wednesday 03 June 2009 04:57:32 pm Kevin Kofler wrote:
> Steve Grubb wrote:
> > And then should the bug be closed hoping that one day you pull in a
> > package that solves the user's problem?
>
> If the bug is fixed upstream, the Fedora report can be reopened with a
ed that the fix is in Fedora? If the
bug
is severe enough, shouldn't the upstream commit be applied to Fedora's package
and the package pushed out for testing? Is all this going to happen if the bug
is closed?
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
On Tuesday 02 June 2009 11:09:49 pm Ralf Corsepius wrote:
> Kevin Kofler wrote:
> > Steve Grubb wrote:
> >> I don't want to start a long thread, but just to ask a couple questions
> >> for my own clarification. Does a maintainer's responsibilities end with
&g
On Tuesday 02 June 2009 07:34:17 pm Kevin Kofler wrote:
> Steve Grubb wrote:
> > I don't want to start a long thread, but just to ask a couple questions
> > for my own clarification. Does a maintainer's responsibilities end with
> > packaging bugs? IOW, if there is a
ptable for them to close the bug
and say talk to upstream? Do we want those bugs open to track when the bug is
fixed in the distro? I'll accept whatever the answer is, I'm just curious.
Thanks,
-Steve
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.
-qf does show that /lib/libcom_err.so.2 is owned by
e2fsprogs-1.38-1.i386.
-Steve
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
i386
>libcom_err.so.2 is needed by (installed) cyrus-sasl-2.1.21-10.i386
>libcom_err.so.2 is needed by (installed)
cyrus-sasl-gssapi-2.1.21-10.i386
>libcom_err.so.2 is needed by (installed) pam_krb5-2.2.6-2.2.i386
>libuuid.so.1 is needed by (instal
96 matches
Mail list logo