Alan Coopersmith wrote:
> Garrett D'Amore wrote:
>
>> (What application would bind to Ctrl-Backspace? That's one I've never
>> seen before...)
>>
>
> Allegedly, it's common in emacs, though I've never used it in all the years
> I've used xemacs.
>
>
Neither have. Although I have to ad
Sherry Moore wrote:
> compressed file. A compressed dump file must be uncompressed
> first, by manually running savecore(1M) a second time, before
> it can be used by other tools.
Will vmdump.X be removed automatically after executing the uncompression
step?
Brian
--
Brian R
Roland Mainz wrote:
> ... what's the general procedure to make a "project private" API
> "consolidation private" ?
File an ARC fasttrack (or maybe even a self-review case if simple
enough) declaring the list of interfaces and their new stability
level.
Examples:
PSARC/2007/154 DOF stability to Co
Roland Mainz wrote:
> Garrett D'Amore wrote:
>
>> Dave Plauger wrote:
>>
>>> Ivek Szczesniak wrote:
>>>
The stdio implementation in libc is among the slowest stdio
versions out there. If you want to archive better performance you
should use the stdio implementation in
Promoted to fasttrack timing out on 08/20/2009
Suresh
Garrett D'Amore wrote:
> Given that this is a potentially contentious issue, doesn't that
> automatically raise it above the bar required for being a fast track
> instead of a self-review?
>
> (What application would bind to Ctrl-Backspace?
> - If the /var/cache/gdm/user-$uid/dmrc file does not exist, then
>GDM will log the user into the default session/language or whichever
>ones they selected in the GUI. Then it will save the dmrc file to
>the cache with the default settings. On next login, the defaults
>will be re
Brian Cameron wrote:
>
> Alan:
>
The reason I ask is because the GNOME users and groups tool gets this
wrong on Solaris. It correctly hides by default all those accounts with
a uid< 100 but it doesn't hide the other reserved system accounts:
nobody:x:60001:60001:NFS Anon
-unspecified text was scrubbed...
Name: GDM.diff
URL:
<http://mail.opensolaris.org/pipermail/opensolaris-arc/attachments/20090813/879e6e81/attachment.ksh>
charset-unspecified text was scrubbed...
Name: ConsoleKit.diff
URL:
<http://mail.opensolaris.org/pipermail/opensolaris-arc/attachments/20090813/01ffbfdf/attachment.ksh>
they are still shipped (as they are listed as
> exported interfaces).
>
> Instead there should be a table that lists the EOF and removed interfaces.
>
-- next part --
An embedded and charset-unspecified text was scrubbed...
Name: onepager-moovida.txt
URL:
<http://mail.opensolaris.org/pipermail/opensolaris-arc/attachments/20090813/d83bb97b/attachment.txt>
Alan:
>> The gobject-introspection module installs:
>> * typelib files to /usr/lib/girepository-1.0
>> * GIR files to /usr/share/gir-1.0
>>
>> for the following modules:
>> * OpenGL
>> * Glib
>> * cairo
>> * fontconfig
>>
On Thu, Aug 13, 2009 at 06:18:09PM -0500, Brian Cameron wrote:
> This sort of design is contrary to the way people want GDM to work
> on other distros, so I am unsure if the changes needed to make it work
> this way would go upstream. Most other distros want it to work with
> all local userids out
Mike:
- If the /var/cache/gdm/user-$uid/dmrc file does not exist, then
GDM will log the user into the default session/language or whichever
ones they selected in the GUI. Then it will save the dmrc file to
the cache with the default settings. On next login, the defaults
w
Nicolas:
>> I thought you were suggesting that the list of users to be shown in the
>> face browser be specified by GDM configuration, rather than using
>> heuristics to decide which users to show. The word "hardcoding" was
>> a poor word choice on my part. What I meant was:
>
> Not configurati
Nicolas Williams wrote:
> Even better: leave the face browser on by default, but by default leave
> the list of users to appear in it _empty_. Then the installer folks
> could do something very cute:
>
> - if there's a webcam available on install, then ask the user if they
>want to have a pi
>> nobody:x:60001:60001:NFS Anonymous Access User:/:
>> noaccess:x:60002:60002:No Access User:/:
>> nobody4:x:65534:65534:SunOS 4.x NFS Anonymous Access User:/:
>
>Since these users do not have valid shells specified, these would not
>be shown.
These actually have a valid shell (the default shel
>The v3 stop-domain command needs to execute the command on the server
>(as opposed to using "kill" or something like that), which means it
>needs to authenticate with the server. To allow v3 to be more
>compatible
>with v2, we're considering adding a new authentication mechanism that
>will "o
Joerg:
As you probably know, the Desktop team has worked hard over the years
to make sure that GDM works well on Sun Ray. Our plan is to ensure
that the new GDM rewrite also works well on Sun Ray. That said, there
will probably be a few pains in making the transition. However, in the
long run,
Brian Cameron wrote:
>
> Casper:
>
nobody:x:60001:60001:NFS Anonymous Access User:/:
noaccess:x:60002:60002:No Access User:/:
nobody4:x:65534:65534:SunOS 4.x NFS Anonymous Access User:/:
>>>
>>> Since these users do not have valid shells specified, these would not
>>> be shown.
>>
Brian Cameron wrote:
>> 1. Lack of Failsafe session.
>>
>> I see this as a major issue. I use the failsafe session more when I'm
>> not on the console than when I am. In particular I often use failsafe
>> when connecting using VNC or a lot when using Sun Ray. A common use case
>> for me is when co
[Originally sent this to Darren, but forgot to CC PSARC-ext]
Hi Darren,
I got forwarded a pointer to this case that you filed. Thanks for
taking the time to do this.
> http://sac.eng/Archives/CaseLog/arc/PSARC/2009/430/20090811_darren.moffat
I would recommend using the certificate directory ap
Lloyd Chambers wrote:
> Bill Shannon requests some ARC feedback from those knowledgeable about
> security on a new GlassFish 'asadmin' command line feature. Thank you
> for any help you can offer.
>
> "I've implemented the technique described. I'd like to get someone to
> review the security
On Thu, Aug 13, 2009 at 04:25:04PM -0500, Brian Cameron wrote:
> >On Thu, Aug 13, 2009 at 03:08:34PM -0500, Brian Cameron wrote:
> >>I am fairly confident that a change to hardcode the list to a
> >
> >>configuration key would not be accepted upstre
Brian Cameron wrote:
> The gobject-introspection module installs:
> * typelib files to /usr/lib/girepository-1.0
> * GIR files to /usr/share/gir-1.0
>
> for the following modules:
> * OpenGL
> * Glib
> * cairo
> * fontconfig
>
Nicolas:
> On Thu, Aug 13, 2009 at 03:08:34PM -0500, Brian Cameron wrote:
>> I am fairly confident that a change to hardcode the list to a
>
>> configuration key would not be accepted upstream. The upstream GDM
>> community has worked hard to tr
Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI
This information is Copyright 2009 Sun Microsystems
1. Introduction
1.1. Project/Component Working Name:
gobject-introspection and gir-repository
1.2. Name of Document Author/Supplier:
Author: Brian Cameron
1.3 Da
Thanks to everyone who took the time to comment on our proposal. We have
replied to each one in private discussion, and now present this summary
of our responses.
The first 2 items result in some changes or additions to our proposal.
Garrett D'Amore wrote:
> +1. (I cheated -- I've seen the ca
Alan:
>> This is probably a good topic for the inception review.
>
> Wait - is this a fasttrack or a full case? Since you sent out the spec
> to LSARC looking like a fasttrack, I think we all assumed this was the
> fasttrack review, but I've just realized you never actually said it was
> a fast
Hi Garret,
I think the visible difference being the X server terminate key
sequence (Ctrl-Alt-Bkspace) removed from
/usr/X11/lib/X11/xkb/symbols/srvr_ctrl group and put into a new group
/usr/X11/lib/X11/xkb/symbols/terminate. Rest of the server control keys
(Ctrl-Alt-) still remain in /usr/
Darren:
>> Correct. The way the code works is that it calls fgetpwent() and if
>> /etc/passwd contains no value, then that account does not show up in the
>> Face Browser. So, users would need to avoid using the shorthand if they
>> want the user to show up in the GDM Face Browser.
>
> Which name
On Thu, Aug 13, 2009 at 03:08:34PM -0500, Brian Cameron wrote:
> I am fairly confident that a change to hardcode the list to a
> configuration key would not be accepted upstream. The upstream GDM
> community has worked hard to try and make the Face
Alan Coopersmith wrote on 8/13/09 1:45 PM:
> Lloyd Chambers wrote:
>> On server startup, the server would generate a large random number
>> and write it in a file that is readable only by the owner of the
>> file (the user who started the server).
>>
>> Local commands, such as stop-domain, would re
Brian Cameron wrote:
>>> - If the /var/cache/gdm/user-$uid/dmrc file does not exist, then
>>>GDM will log the user into the default session/language or whichever
>>>ones they selected in the GUI. Then it will save the dmrc file to
>>>the cache with the default settings. On next login
Nicolas:
> This could happen at install time (so the face pic is available on
> first login).
Yes, asking at install time for any users that are added to have a
face pic seems a good idea, though I think this is off-topic for this
case.
> Else it could happen on first login. I don't care so
On Thu, 2009-08-13 at 14:29 +0800, Edward Shu wrote:
> > SessionSeat1Local:
> > unix-user = '50'
> > realname = 'GDM Reserved UID'
> > seat = 'Seat1'
> > session-type = 'LoginWindow'
> > display-type
On Thu, Aug 13, 2009 at 02:23:33PM -0700, Garrett D'Amore wrote:
> Dave Plauger wrote:
> >
> >
> >
> >
> >Ivek Szczesniak wrote:
> >>The stdio implementation in libc is among the slowest stdio
> >>versions out there. If you want to archive better performance you
> >>should use the stdio implementat
Nicolas:
> I'd like keyboard A11Y to be enabled, but actual keyboard A11Y features
> disable, with toggle keys enabled. I.e., press and release shift five
> times in a row and get a pop-up asking whether to enable sticky keys,
> for example.
Yes, X server a11y features should work with the new
John:
> The list seems overly static. Why not have a configuration file for
> GDM that has an allow/deny type of syntax?
The old GDM had such configuration keys for specifying that users
be allowed or denied inclusion on the Face Browers. However, the
new GDM does not yet support this sort of c
Garrett D'Amore wrote:
> (What application would bind to Ctrl-Backspace? That's one I've never
> seen before...)
Allegedly, it's common in emacs, though I've never used it in all the years
I've used xemacs.
--
-Alan Coopersmith- alan.coopersmith at sun.com
Sun Microsy
> SessionSeat1Local:
> unix-user = '50'
> realname = 'GDM Reserved UID'
> seat = 'Seat1'
> session-type = 'LoginWindow'
> display-type = 'Local'
> open = 'TRUE'
>
Given that this is a potentially contentious issue, doesn't that
automatically raise it above the bar required for being a fast track
instead of a self-review?
(What application would bind to Ctrl-Backspace? That's one I've never
seen before...)
I realize that this issue may border on the lev
Darren:
>> Looking more closely at the GDM code, I see that it has a hardcoded list
>> of users to not show in the face browser. These include:
>>
>> "bin"
>> "root"
>> "daemon"
>> "adm"
>> "lp"
>> "sync"
>> "shutdown"
>> "halt"
>> "mail"
>> "news"
>> "uucp"
>> "operator"
>> "nobody"
>> GDM_USERN
> SessionSeat1Local:
> unix-user = '50'
> realname = 'GDM Reserved UID'
> seat = 'Seat1'
> session-type = 'LoginWindow'
> display-type = 'Local'
> open = 'TRUE'
>
Dave Plauger wrote:
>
>
>
>
> Ivek Szczesniak wrote:
>> The stdio implementation in libc is among the slowest stdio
>> versions out there. If you want to archive better performance you
>> should use the stdio implementation in libast or use mmap(2).
> This is an interesting implementation suggestio
The net effect being that Ctrl-Alt-Backspace will no longer exit the server
in the default configuration, only after it is configured to do so.
(This is a contentious issue in the X userbase - some have hailed us for
finally stopping the random death of the server to users who mistype
because th
On Thu, Aug 13, 2009 at 01:44:17PM -0500, Brian Cameron wrote:
> >Any way to make sure that A11Y is enabled by default, with toggle keys
> >also enabled by default (but actual A11Y features disabled by default)?
>
> I am not sure what you mean by a11y being enabled but actual features
> disabled.
Lloyd Chambers wrote:
> On server startup, the server would generate a large random number
> and write it in a file that is readable only by the owner of the
> file (the user who started the server).
>
> Local commands, such as stop-domain, would read this file if it's
> available and send the num
Nicolas:
> Any way to make sure that A11Y is enabled by default, with toggle keys
> also enabled by default (but actual A11Y features disabled by default)?
I am not sure what you mean by a11y being enabled but actual features
disabled. If you check "text-to-speech" in the a11y dialog, this
laun
Brian Cameron wrote:
> This is probably a good topic for the inception review.
Wait - is this a fasttrack or a full case? Since you sent out the spec
to LSARC looking like a fasttrack, I think we all assumed this was the
fasttrack review, but I've just realized you never actually said it was
a f
Frank:
>> The new GDM greeter only allows the specification of the background
>> image to be used with the new GDM. Unless the "gdm" user is configured
>> to use a different background image, it will use the same background
>> that is shown by default for a user session. So, without any extra
>>
Alan:
>>> The reason I ask is because the GNOME users and groups tool gets this
>>> wrong on Solaris. It correctly hides by default all those accounts with
>>> a uid< 100 but it doesn't hide the other reserved system accounts:
>>>
>>> nobody:x:60001:60001:NFS Anonymous Access User:/:
>>> noacces
A bunch of questions and concerns from me inline.
Brian Cameron schrieb:
> By default GDM now displays all users on the system in a face browser
> so the user can select the username from a list and then enter the
> password. The most frequent users are displayed first a
Brian Cameron wrote:
>> What about when NIS or LDAP is in use ? Do we really want GDM attempting
>> to display 38,000+ accounts ?
> As I explain above, this should not be an issue.
In a server-based (e.g. thin client) desktop environment, the number of
users who have ever utilized a server could
Darren:
>>> 2. Default using face browser
>>>
>>> What is the definition of a system account ?
>>
>> I appreciate your concern about how the Face Browser works, since it
>> never worked very well with the old GDM, especially in environments
>> where NIS/LDAP is used.
>>
>> However, the new face b
Even better: leave the face browser on by default, but by default leave
the list of users to appear in it _empty_. Then the installer folks
could do something very cute:
- if there's a webcam available on install, then ask the user if they
want to have a pic taken for the face browser, and if
Darren J Moffat schrieb:
> 1. Lack of Failsafe session.
>
> I see this as a major issue. I use the failsafe session more when I'm
> not on the console than when I am. In particular I often use failsafe
> when connecting using VNC or a lot when using Sun Ray. A common use
> case for me is w
On Thu, Aug 13, 2009 at 05:14:01PM +0100, Darren J Moffat wrote:
> >But, if it is a requirement that Solaris by default does not touch the
> >user's $HOME directory before authentication, then the Face Browser
> >would need to be turned off by default. Do we want to be different
> >than other dist
Casper:
>>> nobody:x:60001:60001:NFS Anonymous Access User:/:
>>> noaccess:x:60002:60002:No Access User:/:
>>> nobody4:x:65534:65534:SunOS 4.x NFS Anonymous Access User:/:
>>
>> Since these users do not have valid shells specified, these would not
>> be shown.
>
> These actually have a valid shel
On Wed, 2009-08-12 at 17:18 +0800, Edward Shu wrote:
> Brian Cameron:
> > 2. Project Summary
> >2.1. Project Description:
> >
> > ConsoleKit is a FreeDesktop framework for defining and tracking
> > users,
> > login sessions and seats. ConsoleKit has two main purposes:
> >
> >
Joerg:
> This really has two separate parts:
>
> - Ability to select a terminal-only session: This ought be possible by
> putting a suitable 'xterm.desktop' file into the /usr/share/xsessions
> directory. Maybe we should ship such a file, but it should be possible
> to disable it. Which leads to
Casper.Dik at sun.com wrote on 8/13/09 8:53 AM:
>
>> The v3 stop-domain command needs to execute the command on the server
>> (as opposed to using "kill" or something like that), which means it
>> needs to authenticate with the server. To allow v3 to be more
>> compatible
>> with v2, we're cons
Darren/Nicolas:
On 08/13/09 02:55, Darren J Moffat wrote:
> Nicolas Williams wrote:
>> On Tue, Aug 11, 2009 at 02:21:31PM -0700, Brian Cameron wrote:
>>> - /usr/lib/gdm-session-worker
>>>
>>> A separate process which handles PAM/audit interactions. The
>>> gdm-simple-slave interacts with it via t
Darren:
Thanks for your questions.
> 1. Lack of Failsafe session.
>
> I see this as a major issue. I use the failsafe session more when I'm
> not on the console than when I am. In particular I often use failsafe
> when connecting using VNC or a lot when using Sun Ray. A common use case
> for me
Brian,
The list seems overly static. Why not have a configuration file for
GDM that has an allow/deny type of syntax?
Thanks,
John
Brian Cameron wrote:
>
> Casper:
>
nobody:x:60001:60001:NFS Anonymous Access User:/:
noaccess:x:60002:60002:No Access User:/:
nobody4:x:65534:6553
Suresh Chandrasekharan wrote:
> I'm filing this case as self review and automatic approval for Javier
> Acosta. Seeks minor binding.
>
> Suresh
>
>
> Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI
> This information is Copyright 2009 Sun Microsystems
> 1. Introduction
> 1.1. Project/Compo
Brian Cameron wrote:
>> Does the face browser need to read anything in the users home dir ? If
>> so it must be disabled by default since it can cause a downgrade attack
>> if the users home directory is supposed to be mounted with Kerberos by
>> default (but can fall back to sys). We have gone to
Brian Cameron wrote:
>
> Darren:
>
> Thanks for your questions.
>
>> 3. Greeter themes
>>
>> What is the impact to the OpenSolaris branding given the new theme
>> restrictions ?
>
> The new GDM greeter only allows the specification of the background
> image to be used with the new GDM. Unless the
Brian Cameron wrote:
>> The reason I ask is because the GNOME users and groups tool gets this
>> wrong on Solaris. It correctly hides by default all those accounts with
>> a uid < 100 but it doesn't hide the other reserved system accounts:
>>
>> nobody:x:60001:60001:NFS Anonymous Access User:/:
>
Nicolas Williams wrote:
> On Tue, Aug 11, 2009 at 02:21:31PM -0700, Brian Cameron wrote:
>> - /usr/lib/gdm-session-worker
>>
>> A separate process which handles PAM/audit interactions. The
>> gdm-simple-slave interacts with it via the gdm-session D-Bus
>> inte
Brian Cameron wrote:
>
> Darren:
>
>>> Exported Interfaces Stability Comments
>>> --- -
>>>
>>> /usr/bin/elisa Obsolete Volatile binary
>>
>> Is this case still delivering a /usr/bin/elisa ?
>
> No.
>
>> If not then it isn't "Obsolete Volatil
Brian Cameron wrote:
>
> Darren and Gary:
>
>>> On some Linux systems, the pam_ck_connector is used to ensure that
>>> non-graphical logins (e.g. telnet, ssh, etc.) are registered with
>>> ConsoleKit. Thus ConsoleKit can be used as a utmp/wtmp replacement
>>> since it stores a superset of the inf
This case was approved in PSARC on Wednesday 12th August.
--
Darren J Moffat
Bill Shannon requests some ARC feedback from those knowledgeable about
security on a new GlassFish 'asadmin' command line feature. Thank you
for any help you can offer.
"I've implemented the technique described. I'd like to get someone to
review the security aspects of the implementation a
I'm filing this case as self review and automatic approval for Javier
Acosta. Seeks minor binding.
Suresh
Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI
This information is Copyright 2009 Sun Microsystems
1. Introduction
1.1. Project/Component Working Name:
xkeyboard-config up
74 matches
Mail list logo
