Hi
Sorry for the delay, just got back home.
On Tue, Aug 12, 2014 at 12:19 PM, Tom Gundersen wrote:
> On Tue, Aug 12, 2014 at 2:48 AM, Anatol Pomozov
> wrote:
>> Thanks for the instructions, here is the log
>> https://gist.github.com/anatol/cb497118cfad6af3dc60
>>
>> The interesting entries are:
On 08/21/2014 12:58 PM, WaLyong Cho wrote:
> move selinux label APIs to selinux-label.ch
> And label_{selinxu/smack}_ prefix are changed to mac_{selinux/smack}_
Ah, sorry, label_{selinxu/smack}_ should be {selinux/smack}_label_
WaLyong
> respectively.
move selinux label APIs to selinux-label.ch
And label_{selinxu/smack}_ prefix are changed to mac_{selinux/smack}_
respectively.
---
src/core/main.c | 4 +-
src/core/namespace.c | 4 +-
src/core/selinux-setup.c | 4 +-
src/core/socket.c | 24 +--
src/h
If selinux is disabled and smack is only enabled, smack label is
relable-ed by label_fix. To avoid, make only be labeled for selinux.
---
src/udev/udev-node.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c
index 6a9788b..00ade2c
On 08/21/2014 08:05 AM, Lennart Poettering wrote:
> On Wed, 20.08.14 14:22, WaLyong Cho (walyong@samsung.com) wrote:
>
>> use {selinux/smack}-label.ch instread of {selinux/smack}-util.ch
>> move selinux label APIs to selinux-label.ch
>> use label_{selinxu/smack}_ prefix
>
> Hmm, wasn't the la
On Thu, Aug 21, 2014 at 12:35 AM, Lennart Poettering
wrote:
> On Wed, 20.08.14 17:28, Tom Gundersen (t...@jklm.no) wrote:
>
>> +
>> +_public_ int sd_event_wait(sd_event *e, uint64_t timeout) {
>> +struct epoll_event *ev_queue;
>> +unsigned ev_queue_max;
>> +int r, m, i;
>>
On Wed, 20.08.14 14:22, WaLyong Cho (walyong@samsung.com) wrote:
> use {selinux/smack}-label.ch instread of {selinux/smack}-util.ch
> move selinux label APIs to selinux-label.ch
> use label_{selinxu/smack}_ prefix
Hmm, wasn't the last idea we agreed on to use "mac_selinux_" and
"mac_smack_" a
On Tue, 19.08.14 15:46, Ivan Shapovalov (intelfx...@gmail.com) wrote:
> On Monday 18 August 2014 at 22:04:29, Ivan Shapovalov wrote:
> > [..]
> > > >
> > > > Even if initramfs-only, ordering dependencies still need to be worked
> > > > out.
> > > > Inside of initramfs, neither systemd-fsck-roo
On Wed, 20.08.14 19:53, Michal Sekletar (msekl...@redhat.com) wrote:
> This makes possible to spawn service instances triggered by socket with
> MLS/MCS SELinux labels which are created based on information provided by
> connected peer.
>
> Implementation of label_get_child_label derived from xin
On Wed, 20.08.14 19:08, Michal Sekletar (msekl...@redhat.com) wrote:
>
> On Wed, Aug 13, 2014 at 09:42:14PM +0200, Lennart Poettering wrote:
>
> > > @@ -1773,6 +1782,9 @@ static void socket_enter_running(Socket *s, int
> > > cfd) {
> > > cfd = -1;
> > > s->n_co
On Wed, 20.08.14 17:28, Tom Gundersen (t...@jklm.no) wrote:
I'd really like to see this code reduced to the minimum included in the
man page of the respective sd-event functions, instead of shipping a
library for this.
I think we should be able to make this ridiculously short so that it
could wor
On Wed, 20.08.14 17:28, Tom Gundersen (t...@jklm.no) wrote:
> +
> +_public_ int sd_event_wait(sd_event *e, uint64_t timeout) {
> +struct epoll_event *ev_queue;
> +unsigned ev_queue_max;
> +int r, m, i;
> +
> +assert_return(e, -EINVAL);
> +assert_return(!even
On Wed, 20.08.14 17:50, Roman Dushko (rdus...@cogniance.com) wrote:
> Hi guys!
>
> I'm having trouble with a Bluetooth service on my laptop Lenovo ThinkPad
> Edge 15.
> Below you may find extraction from logs.
> Bluetooth worked fine before I updated (wheezy + testing) system on
> Tuesday, 19 Aug
On Wed, 20.08.14 11:45, Filipe Brandenburger (filbran...@google.com) wrote:
> Hi,
>
> I'm wondering about systemd's build dependency on dbus... I see that
> the configure script checks for dbus, but the exported variables are
> rarely used.
>
> For instance, HAVE_DBUS is defined but only used in
On Wed, 20.08.14 20:43, Colin Guthrie (gm...@colin.guthr.ie) wrote:
>
> Lennart Poettering wrote on 20/08/14 01:59:
> > Heya!
> >
> > This is a major new release. Among many other changes systemd-resolved
> > is now a pretty complete caching DNS and LLMNR stub resolver.
> >
> > http://www.freed
On Wed, 20.08.14 21:58, Andrei Borzenkov (arvidj...@gmail.com) wrote:
> > > I do not know how often Android users need to exchange data with
> > > Windows via USB stick, but I have to do it pretty often and it sounds
> > > like now my timestamps will be wrong. Could you please name commit that
> >
On Wed, 20.08.14 16:08, Colin Guthrie (gm...@colin.guthr.ie) wrote:
> > We break that cycle by also offering a way how user systemd-sysusers can
> > be invoked with reading its data from stdin. The idea is then that the
> > packages in question duplicate the user definition inline in the pre
> > p
On Wed, 20.08.14 16:48, Christian Häßelbarth (m...@christianhaesselbarth.de)
wrote:
> I've set the storage option to "none" in my journal.conf, assuming that
> journald
> will drop all data. Is that correct?
Well, I am not sure what you mean by "drop". Versions of journald older
than 216 actual
On 08/20/2014 06:16 PM, Djalal Harouni wrote:
> On Tue, Aug 19, 2014 at 09:15:35AM +0200, Daniel Mack wrote:
>> Hmm, I'm not convinced this buys us anything really. After all, that
>> struct has a single user only, and factoring out these fields doesn't
>> necessarily lead to more readability.
> H
Lennart Poettering wrote on 20/08/14 01:59:
> Heya!
>
> This is a major new release. Among many other changes systemd-resolved
> is now a pretty complete caching DNS and LLMNR stub resolver.
>
> http://www.freedesktop.org/software/systemd/systemd-216.tar.xz
>
> CHANGES WITH 216:
Can I ask if so
On Wed, Aug 20, 2014 at 09:58:09PM +0400, Andrei Borzenkov wrote:
> В Wed, 20 Aug 2014 13:57:36 +0200
> Lennart Poettering пишет:
>
> > >
> > > I do not know how often Android users need to exchange data with
> > > Windows via USB stick, but I have to do it pretty often and it sounds
> > > like
В Wed, 20 Aug 2014 13:57:36 +0200
Lennart Poettering пишет:
> >
> > I do not know how often Android users need to exchange data with
> > Windows via USB stick, but I have to do it pretty often and it sounds
> > like now my timestamps will be wrong. Could you please name commit that
> > does it?
This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided by
connected peer.
Implementation of label_get_child_label derived from xinetd.
Reviewed-by: Paul Moore
---
Changes in v2:
* make possible to us
On 20/08/14 16:28, Tom Gundersen wrote:
> +int attach_sd_event_to_g_main_loop(GMainLoop *loop, sd_event *event) {
(I know this is only a proof of concept but)
I think the construct you're looking for is a GMainContext, not a GMainLoop:
https://tecnocode.co.uk/2014/03/27/what-is-gmaincontext/
On Wed, Aug 13, 2014 at 09:42:14PM +0200, Lennart Poettering wrote:
> > @@ -1773,6 +1782,9 @@ static void socket_enter_running(Socket *s, int cfd) {
> > cfd = -1;
> > s->n_connections ++;
> >
> > +if (s->selinux_labeled_net)
> > +
On 08/20/2014 06:41 PM, Djalal Harouni wrote:
> Signed-off-by: Djalal Harouni
> ---
> test/kdbus-util.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
Applied, thanks!
>
> diff --git a/test/kdbus-util.c b/test/kdbus-util.c
> index f79d7ec..5b3df7d 100644
> --- a/test/kdbus-util.c
Signed-off-by: Djalal Harouni
---
test/kdbus-util.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/test/kdbus-util.c b/test/kdbus-util.c
index f79d7ec..5b3df7d 100644
--- a/test/kdbus-util.c
+++ b/test/kdbus-util.c
@@ -471,8 +471,8 @@ void msg_dump(const struct conn *conn
On Wed, Aug 20, 2014 at 06:04:09PM +0200, Daniel Mack wrote:
> On 08/20/2014 05:58 PM, Djalal Harouni wrote:
> > case KDBUS_ITEM_AUDIT:
> > - printf(" +%s (%llu bytes) loginuid=%llu
> > sessionid=%llu\n",
> > + printf(" +%s (%llu bytes) sessionid=%
On Tue, Aug 19, 2014 at 09:15:35AM +0200, Daniel Mack wrote:
> Hi Djalal,
Thanks for applying the others.
> On 08/19/2014 03:43 AM, Djalal Harouni wrote:
> > Some creds can be gathered during kdbus_meta_append() instead of
> > kdbus_conn_queue_alloc() where they will be gathered for all the
> > r
On 08/20/2014 05:58 PM, Djalal Harouni wrote:
> case KDBUS_ITEM_AUDIT:
> - printf(" +%s (%llu bytes) loginuid=%llu
> sessionid=%llu\n",
> + printf(" +%s (%llu bytes) sessionid=%llu
> loginuid=%llu\n",
> enum_MSG(
On 08/20/2014 05:58 PM, Djalal Harouni wrote:
> Do the namespace translation just before pushing into the receiver's
> slice, so we map to the receiver's user namespace.
>
> Patch tested.
>
> Signed-off-by: Djalal Harouni
Applied, thanks!
> ---
> connection.c | 37 +++
Do the namespace translation just before pushing into the receiver's
slice, so we map to the receiver's user namespace.
Patch tested.
Signed-off-by: Djalal Harouni
---
connection.c | 37 +
metadata.c | 3 +++
metadata.h | 4
3 files changed, 44 ins
We have sessionid then loginuid in kdbus_audit.
Signed-off-by: Djalal Harouni
---
test/kdbus-util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test/kdbus-util.c b/test/kdbus-util.c
index f79d7ec..956fa6f 100644
--- a/test/kdbus-util.c
+++ b/test/kdbus-util.c
@@ -469,7 +4
This will allow sd-event to be integrated into an external event loop, which
in turn will allow (say) glib-based applications to use our various libraries,
without manually integrating each of them (bus, rtnl, dhcp, ...).
The external event-loop should integrate sd-event int he following way:
Eve
Just a test-case for the sd_event hooks, not to be merged (obviously).
This introduces (MIT licensed) glib-event-glue.[ch], which is meant to
end up as an example people could copy. Will probably need to find a home
for it though.
---
Makefile.am| 15 -
src/network/glib-e
Lennart Poettering wrote on 20/08/14 14:58:
> On Wed, 20.08.14 15:50, Michal Witanowski (m.witanow...@samsung.com) wrote:
>
>>
>> The inhibit locks mechanism seems to be the solution, but another problem
>> appeared. I am unable to call Inhibit() method as non-root user. In the
>> documentation I
On 08/20/2014 06:46 AM, Dale R. Worley wrote:
From: Lennart Poettering
Note that a concept of "mount at boot if it is there, otherwise don't"
cannot work.
It worked until a week or two ago. I want it back.
I'm sure you're right that in the abstract, it cannot be made to
work. But that is
Lennart Poettering wrote on 20/08/14 14:54:
> On Wed, 20.08.14 09:40, Dave Reisner (d...@falconindy.com) wrote:
>
The sysusers.d file shipped with this has:
u systemd-journal-remote- "systemd Journal Remote"
But the tmpfiles.d fragment has:
>>>
Hi guys!
I'm having trouble with a Bluetooth service on my laptop Lenovo ThinkPad
Edge 15.
Below you may find extraction from logs.
Bluetooth worked fine before I updated (wheezy + testing) system on
Tuesday, 19 August 2014...
rodush@rdushko /$ journalctl -xn
-- Logs begin at Wed 2014-08-20 13:5
> Lennart Poettering hat am 20. August 2014 um 15:14
> geschrieben:
>
>
> On Wed, 20.08.14 09:08, Christian Häßelbarth (m...@christianhaesselbarth.de)
> wrote:
>
> > Hi all,
> >
> > I'm using systemd in version 197.
> > I've observed that the heap size of the journald continuously grows.
> >
> >
On Wed, Aug 20, 2014 at 03:29:37PM +0200, Lennart Poettering wrote:
> On Wed, 20.08.14 12:01, Michal Sekletar (msekl...@redhat.com) wrote:
>
> > > > +if (context->selinux_labeled_net &&
> > > > use_selinux()) {
> > > > +_cleanup_free_ char *
On Wed, 20.08.14 15:50, Michal Witanowski (m.witanow...@samsung.com) wrote:
>
> The inhibit locks mechanism seems to be the solution, but another problem
> appeared. I am unable to call Inhibit() method as non-root user. In the
> documentation I read "Taking inhibitor locks is a privileged operat
On Wed, 20.08.14 09:40, Dave Reisner (d...@falconindy.com) wrote:
> > > The sysusers.d file shipped with this has:
> > >
> > > u systemd-journal-remote- "systemd Journal Remote"
> > >
> > > But the tmpfiles.d fragment has:
> > >
> > > z /var/log/journal/remote 2755 roo
The inhibit locks mechanism seems to be the solution, but another problem
appeared. I am unable to call Inhibit() method as non-root user. In the
documentation I read "Taking inhibitor locks is a privileged operation.
Depending on the action...". But how can I add a user to privileged users
group?
> From: Lennart Poettering
> Note that a concept of "mount at boot if it is there, otherwise don't"
> cannot work.
It worked until a week or two ago. I want it back.
I'm sure you're right that in the abstract, it cannot be made to
work. But that isn't the problem I'm facing.
Dale
___
On Wed, Aug 20, 2014 at 01:52:51PM +0200, Lennart Poettering wrote:
> On Tue, 19.08.14 22:25, Dave Reisner (d...@falconindy.com) wrote:
>
> > The sysusers.d file shipped with this has:
> >
> > u systemd-journal-remote- "systemd Journal Remote"
> >
> > But the tmpfiles.d f
On Wed, 20.08.14 12:01, Michal Sekletar (msekl...@redhat.com) wrote:
> > > +if (context->selinux_labeled_net &&
> > > use_selinux()) {
> > > +_cleanup_free_ char *label = NULL;
> > > +
> > > +err = label_get_s
Lennart Poettering wrote:
> On Wed, 20.08.14 10:25, Florian Lindner (mailingli...@xgm.de) wrote:
>
>> The timer I try to enable contains a Install section.
>>
>> florian@asaru ~/.config/systemd/user % cat git-commit@.timer
>> [Unit]
>> Description=Timer to commit all changes in instance.
>>
>>
On Wed, 20.08.14 09:08, Christian Häßelbarth (m...@christianhaesselbarth.de)
wrote:
> Hi all,
>
> I'm using systemd in version 197.
> I've observed that the heap size of the journald continuously grows.
>
> I used "cat /proc/[PID_OF_JOUNALD]/smaps for observing the heap size.
>
> Right after s
On Wed, 20.08.14 10:25, Florian Lindner (mailingli...@xgm.de) wrote:
> The timer I try to enable contains a Install section.
>
> florian@asaru ~/.config/systemd/user % cat git-commit@.timer
> [Unit]
> Description=Timer to commit all changes in instance.
>
> [Timer]
> OnUnitActiveSec=5min
> OnAct
On Wed, 20.08.14 06:21, Andrei Borzenkov (arvidj...@gmail.com) wrote:
>
> В Tue, 19 Aug 2014 22:54:04 +0200
> Lennart Poettering пишет:
>
> > On Tue, 19.08.14 19:34, Florian Lindner (mailingli...@xgm.de) wrote:
> >
> > > Hello,
> > > I have a systemd unit that should do a commit on a specific
On Wed, 20.08.14 06:43, Andrei Borzenkov (arvidj...@gmail.com) wrote:
>
> В Wed, 20 Aug 2014 02:59:52 +0200
> Lennart Poettering пишет:
>
> > Heya!
> >
> > This is a major new release. Among many other changes systemd-resolved
> > is now a pretty complete caching DNS and LLMNR stub resolver.
>
On Tue, 19.08.14 22:25, Dave Reisner (d...@falconindy.com) wrote:
> The sysusers.d file shipped with this has:
>
> u systemd-journal-remote- "systemd Journal Remote"
>
> But the tmpfiles.d fragment has:
>
> z /var/log/journal/remote 2755 root systemd-journal-remote - -
Anthony Messina wrote:
> On Wednesday, August 20, 2014 10:25:35 AM Florian Lindner wrote:
>> [Timer]
>> OnUnitActiveSec=5min
>> OnActiveSec=5min
>> AccuracySec = 5min
>
> I'm not sure it matters, but you have some extra spaces around "=" after
> AccuracySec.
No, that shouldn't be the problem, I
On Wed, Aug 13, 2014 at 09:42:14PM +0200, Lennart Poettering wrote:
> On Tue, 05.08.14 13:46, Michal Sekletar (msekl...@redhat.com) wrote:
>
> > This makes possible to spawn service instances triggered by socket with
> > MLS/MCS SELinux labels which are created based on information provided by
> >
On Wednesday, August 20, 2014 10:25:35 AM Florian Lindner wrote:
> [Timer]
> OnUnitActiveSec=5min
> OnActiveSec=5min
> AccuracySec = 5min
I'm not sure it matters, but you have some extra spaces around "=" after
AccuracySec.
--
Anthony - https://messinet.com/ - https://messinet.com/~amessina/gal
Florian Lindner wrote:
> Andrei Borzenkov wrote:
>
>> В Tue, 19 Aug 2014 22:08:26 +0200
>> Florian Lindner пишет:
>>
>>> Andrei Borzenkov wrote:
>>>
>>> > В Tue, 19 Aug 2014 20:59:55 +0200
>>> > Florian Lindner пишет:
>>> >
>>> >>
>>> >> I also try to set up a matching timer:
>>> >>
>>> >>
Andrei Borzenkov wrote:
> В Tue, 19 Aug 2014 22:08:26 +0200
> Florian Lindner пишет:
>
>> Andrei Borzenkov wrote:
>>
>> > В Tue, 19 Aug 2014 20:59:55 +0200
>> > Florian Lindner пишет:
>> >
>> >>
>> >> I also try to set up a matching timer:
>> >>
>> >> systemctl --user start git-commit@/home
Hi all,
I'm using systemd in version 197.
I've observed that the heap size of the journald continuously grows.
I used "cat /proc/[PID_OF_JOUNALD]/smaps for observing the heap size.
Right after starting the heap size is about 772 kB
10041000-10102000 rwxp 00:00 0 [heap]
Size:
59 matches
Mail list logo
