On Tue, 2015-01-20 at 19:35 +0200, Patrik Flykt wrote:
> Hi,
>
> Here is version 2 updated according to comments.
>
> The trivial debug printout removal being too trivial is no longer
> part of this set. NTP and DNS information I also left off, I think
> there might have been a few bugs s
В Tue, 27 Jan 2015 03:30:22 +0100
Lennart Poettering пишет:
> On Fri, 23.01.15 08:51, Martin Polednik (mpoled...@redhat.com) wrote:
>
> > > Quite frankly, I cannot make sense of these sentences. I have no clue
> > > what a "SR-IOV", "virtual function", "physical function" is supposed
> > > to be
> Hmm, not sure I follow.
>
It only happens if I'm logged in as root in tmux.
> The session is shown as closing, that's good. Can you check what
> "systemctl status" reports on the scope unit if this hang happens?
>
> Lennart
>
I'm not sure if I did the right thing, but there it is.
Afte
On Mon, Jan 26, 2015 at 6:08 PM, Lennart Poettering
wrote:
> On Fri, 23.01.15 19:35, Christian Seiler (christ...@iwakd.de) wrote:
>
>> - I hope I didn't forget anything
>
> I spent quite some time to ensuer that systemd systems work
> out-of-the-box in container managers. Any container manager th
On Fri, 23.01.15 08:51, Martin Polednik (mpoled...@redhat.com) wrote:
> > Quite frankly, I cannot make sense of these sentences. I have no clue
> > what a "SR-IOV", "virtual function", "physical function" is supposed
> > to be.
> >
> > Please explain what this all is, before we can think of addin
On Tue, 27.01.15 02:12, Mikhail Morfikov (mmorfi...@gmail.com) wrote:
>
> > Normally, the SIGTERM should be delivered instantly on logout from
> > logind. Unless the PAM session end hook wasn't called or so.
> >
> > If you log in as root, and then reproduce the 20s wait for another
> > user what
On Fri, 23.01.15 19:35, Christian Seiler (christ...@iwakd.de) wrote:
> - explicitly enable getty@tty{1,2,3,4}.service
Why? This cannot work. The getty services assume a Linux console tty,
they will issue ioctls and ansi sequences that only the linux console
supports, and do VT management on them
On Sun, 25.01.15 12:23, Topi Miettinen (toiwo...@gmail.com) wrote:
> There's no need for CAP_CHOWN, CAP_DAC_OVERRIDE or CAP_FOWNER.
Hmm, that's not true, is it? load_clock_timestamp() is invoked before
we drop privs in the daemon. And it certainly calls fchmod() and
fchown(), so that it can later
> Normally, the SIGTERM should be delivered instantly on logout from
> logind. Unless the PAM session end hook wasn't called or so.
>
> If you log in as root, and then reproduce the 20s wait for another
> user what does "loginctl session-status" and "loginctl user-status"
> say about the session/
On Mon, 26.01.15 00:33, Tomasz Pawlak (toma...@wp.pl) wrote:
> You are right, but it's not as simple as it may look at first sight:
>
> 1. If we allow the process to continue without sig handlers
> installed, then results can be just catastrophic: kernel panic with
> all the services launched ->
On Mon, 26.01.15 23:45, Tomasz Pawlak (toma...@wp.pl) wrote:
> > Actually it *is* protected, see kill(2). Signals are ignored for PID 1
> > unless it installed handlers for them. Nevertheless, we probably want to
> > abort on SIGSEGV and similar and not continue, so we shouldn't ever run
> > witho
On Sun, 25.01.15 03:37, Tomasz Pawlak (toma...@wp.pl) wrote:
> core/main.c:1519
> /* Make sure we leave a core dump without panicing the
>* kernel. */
> if (getpid() == 1) {
> install_crash_handler();
>
> r = mount_cgroup_controllers(arg_join_contro
On Mon, 26.01.15 14:00, Umut Tezduyar Lindskog (u...@tezduyar.com) wrote:
> Hi,
>
> condition_test_needs_update() wants the timestamp of /usr to be newer
> than what is being checked.
>
> Is there a reason why we don't check for "/usr !=
> Condition.parameter"?
Well, when I hacked that up, I di
On Mon, 26.01.15 07:34, Zbigniew Jędrzejewski-Szmek (zbys...@in.waw.pl) wrote:
I now commited this after changing this to laccess().
Thanks!
> The offline update mechanism is explicitly designed to work with a
> separate /var. systemd-update-generator is supposed to run early,
> before filesyste
On Sat, 24.01.15 14:20, Sangjung Woo (sangjung@samsung.com) wrote:
> According to the glibc manual, secure_getenv() is more trustful than
> getenv() since it returns a null pointer if the environment is untrusted
> such as setting SUID or SGID bits. Moreover, libraries should use
> secure_gete
On Sun, 25.01.15 07:10, Topi Miettinen (toiwo...@gmail.com) wrote:
> On 01/25/15 03:34, Zbigniew Jędrzejewski-Szmek wrote:
> > On Sat, Jan 24, 2015 at 10:39:56AM +0200, Topi Miettinen wrote:
> >> Leave space for the terminating zero when reading and make sure
> >> that the last byte is zero. This
On Tue, 27.01.15 01:00, Mikhail Morfikov (mmorfi...@gmail.com) wrote:
> > Sorry, but I cannot parse this. Do you want a delay because when
> > logging out and back in you want to be able to reuse your old
> > gpg-agent? Or what precisely is the current behaviour and what do you
> > want it to be i
On Sun, 25.01.15 18:46, Cristian Rodríguez (crrodrig...@opensuse.org) wrote:
> GCC5 introduces -fno-semantic-interposition allowing
> better code generation in shared libraries at the cost
> of making interposition of exported symbols impossible
> (i.e, a 3rd party shared library overriding sd_not
> Sorry, but I cannot parse this. Do you want a delay because when
> logging out and back in you want to be able to reuse your old
> gpg-agent? Or what precisely is the current behaviour and what do you
> want it to be instead?
>
> Lennart
>
No, I just want to speed it up. Now I have to wait abou
On Mon, 26.01.15 15:44, Michael Biebl (mbi...@gmail.com) wrote:
> 2015-01-26 14:59 GMT+01:00 Dave Reisner :
> > This reverts part of c2c13f2df42e0, which introduced this with no
> > explanation as to *why*. Enslaving the mount namespace breaks default
> > behavior included in rules/60-cdrom_id.rul
On Mon, 26.01.15 08:59, Dave Reisner (dreis...@archlinux.org) wrote:
> This reverts part of c2c13f2df42e0, which introduced this with no
> explanation as to *why*. Enslaving the mount namespace breaks default
> behavior included in rules/60-cdrom_id.rules. Specifically, filesystems
> on optical me
On Mon, 26.01.15 17:25, Topi Miettinen (toiwo...@gmail.com) wrote:
> On 01/26/15 16:13, Lennart Poettering wrote:
> > On Sat, 24.01.15 10:09, Topi Miettinen (toiwo...@gmail.com) wrote:
> >
> >> Hello,
> >>
> >> It would be useful to be able to use PrivateDevices with additional
> >> devices to th
On Mon, 26.01.15 16:51, Michael Olbrich (m.olbr...@pengutronix.de) wrote:
> I've tested getrandom(): With 384 the kernel dumps a warning, because the
> syscall does not exist. With 278 the syscall tracer tells me that it's
> called when I run e.g. journalctl, so that looks good.
> I've not tested
Dnia Poniedziałek, 26 Stycznia 2015 07:58 Zbigniew Jędrzejewski-Szmek
napisał(a)
> On Sun, Jan 25, 2015 at 03:37:09AM +0100, Tomasz Pawlak wrote:
> > core/main.c:1519
> > /* Make sure we leave a core dump without panicing the
> >* kernel. */
> > if (getpid() == 1) {
> >
On Mon, 26.01.15 17:07, Topi Miettinen (toiwo...@gmail.com) wrote:
> On 01/26/15 12:41, Simon McVittie wrote:
> > On 24/01/15 10:09, Topi Miettinen wrote:
> >> For example, smartd only needs access to /dev/sd*.
> >
> > Let me spell that differently: smartd "only" needs the ability to make
> > arb
On Mon, 26.01.15 20:17, Mikhail Morfikov (mmorfi...@gmail.com) wrote:
> I'm using standalone Openbox and when I log out by killing Xserver
> (ctrl+alt+backspace), some processes stay alive even though the user
> logged out completely. I know there's a KillUserProcesses option in
> the /etc/systemd
I'm using standalone Openbox and when I log out by killing Xserver
(ctrl+alt+backspace), some processes stay alive even though the user
logged out completely. I know there's a KillUserProcesses option in
the /etc/systemd/logind.conf file, and it works just fine, but with a
little lag. I mean, those
On 01/26/15 16:13, Lennart Poettering wrote:
> On Sat, 24.01.15 10:09, Topi Miettinen (toiwo...@gmail.com) wrote:
>
>> Hello,
>>
>> It would be useful to be able to use PrivateDevices with additional
>> devices to the basic set (null, zero, urandom etc). For example, smartd
>> only needs access to
On 01/26/15 12:41, Simon McVittie wrote:
> On 24/01/15 10:09, Topi Miettinen wrote:
>> For example, smartd only needs access to /dev/sd*.
>
> Let me spell that differently: smartd "only" needs the ability to make
> arbitrary filesystem changes, defeating any possible configurable
> security mechan
Heya!
Here's a final reminder that the next systemd hackfest takes place
this friday at the Brussels Marriott Hotel. For details, please see:
https://plus.google.com/u/0/events/c56kbn26s6g01n6m4tj2nmdgnfc
It would be nice to sign up at this Google Event if you intend to
come, so that we can plan
On Mon, 26.01.15 07:34, Zbigniew Jędrzejewski-Szmek (zbys...@in.waw.pl) wrote:
> The offline update mechanism is explicitly designed to work with a
> separate /var. systemd-update-generator is supposed to run early,
> before filesystems are mounted, so it cannot check if the
> /system-update symli
On Sat, 24.01.15 10:09, Topi Miettinen (toiwo...@gmail.com) wrote:
> Hello,
>
> It would be useful to be able to use PrivateDevices with additional
> devices to the basic set (null, zero, urandom etc). For example, smartd
> only needs access to /dev/sd*. It would be a bit complex to do this
> wit
---
Hi,
I've tested getrandom(): With 384 the kernel dumps a warning, because the
syscall does not exist. With 278 the syscall tracer tells me that it's
called when I run e.g. journalctl, so that looks good.
I've not tested memfd_create() but it's defined right below getrandom() in
asm-generic/un
On Mon, Jan 26, 2015 at 03:29:14PM +0100, Torstein Husebø wrote:
> ---
> NEWS | 8
> TODO | 2 +-
> man/crypttab.xml | 2 +-
> man/networkctl.xml| 2 +-
> man/sd_event_add_child.xml
2015-01-26 14:59 GMT+01:00 Dave Reisner :
> This reverts part of c2c13f2df42e0, which introduced this with no
> explanation as to *why*. Enslaving the mount namespace breaks default
> behavior included in rules/60-cdrom_id.rules. Specifically, filesystems
> on optical media will not be properly unm
---
NEWS | 8
TODO | 2 +-
man/crypttab.xml | 2 +-
man/networkctl.xml| 2 +-
man/sd_event_add_child.xml| 2 +-
man/sd_notify.xml | 2 +-
shell-comple
This reverts part of c2c13f2df42e0, which introduced this with no
explanation as to *why*. Enslaving the mount namespace breaks default
behavior included in rules/60-cdrom_id.rules. Specifically, filesystems
on optical media will not be properly unmounted when the physical eject
button is used in t
Hi,
condition_test_needs_update() wants the timestamp of /usr to be newer
than what is being checked.
Is there a reason why we don't check for "/usr != Condition.parameter"?
It makes sense to check for "/usr > Condition.parameter" in a package
managed linux but our embedded system is upgrading t
On Mon, Jan 26, 2015 at 12:07 AM, Jan Engelhardt wrote:
>
> On Sunday 2015-01-25 23:51, Jan Engelhardt wrote:
>>
>>The virtual machine only receives L2 frames destined for 08:00:27:0a:c5:b2
>>(and broadcast), even when enp0s3 is in promisc mode.
>>This may very well be an artifact of TAP, or of ho
On 24/01/15 10:09, Topi Miettinen wrote:
> For example, smartd only needs access to /dev/sd*.
Let me spell that differently: smartd "only" needs the ability to make
arbitrary filesystem changes, defeating any possible configurable
security mechanism.
If you give it access to /dev/sd* but not to o
Peter Mattern [2015-01-23 14:03 +0100]:
> According to man
> (http://www.freedesktop.org/software/systemd/man/systemd-gpt-auto-generator.html,
> see section "Description") systemd-gpt-auto-generator is supposed to behave
> like this by now already.
Supposed yes, but I don't see anything in gpt-au
41 matches
Mail list logo
