From: Lennart Poettering
Subject: Re: [systemd-devel] A missing SELinux unit access check due to
unexpected UNIT_NOT_FOUND unit object
Date: Fri, 19 Jun 2015 12:34:40 +0200
> On Fri, 19.06.15 12:06, HATAYAMA Daisuke (d.hatay...@jp.fujitsu.com) wrote:
>
>> From: Lennart Poettering
systemd creates a unit object of A.service when it is referenced in
various contexts such as that systemd parses a unit file and finds a
dependency, like After=A.service, in some unit file or via systemd is
requested a D-Bus operation such as systemctl status A.service, and
then registers it in man
Currently, SELinux unit access check is not performed if a given unit
file has not been registered in a hash table. This is because function
manager_get_unit() only tries to pick up a Unit object from a Unit
hash table. Instead, we use function manager_load_unit() searching
Unit file pathes for the
From: Lennart Poettering
Subject: Re: [systemd-devel] A missing SELinux unit access check due to
unexpected UNIT_NOT_FOUND unit object
Date: Thu, 18 Jun 2015 13:23:25 +0200
> On Thu, 18.06.15 18:14, HATAYAMA Daisuke (d.hatay...@jp.fujitsu.com) wrote:
>
>> Currently, there's a
From: Lennart Poettering
Subject: Re: [systemd-devel] [PATCH v2] selinux: fix missing SELinux unit
access check
Date: Thu, 18 Jun 2015 13:30:43 +0200
> On Thu, 18.06.15 18:29, HATAYAMA Daisuke (d.hatay...@jp.fujitsu.com) wrote:
>
>> >> int r;
>> >>
From: Lennart Poettering
Subject: Re: [systemd-devel] [PATCH v2] selinux: fix missing SELinux unit
access check
Date: Wed, 17 Jun 2015 18:25:32 +0200
> On Wed, 10.06.15 14:40, HATAYAMA Daisuke (d.hatay...@jp.fujitsu.com) wrote:
>
>> From 398deee74edb06b54b8a74c25697cd6d977d8f2d M
80) at
src/core/manager.c:1002
#20 0x7f01e5a595e6 in manager_reload (m=0x7f01e7a93680) at
src/core/manager.c:2571
#21 0x7f01e5a4e0f7 in main (argc=5, argv=0x7ffd21b55618) at
src/core/main.c:1767
On the other hand, if we copy both unit service files and then try to
enable both in or
ystemctl enable test.service
~]# ./foo.sh
Test
I used selinux-context branch of
https://github.com/keszybz/systemd.git in this test to avoid the issue
in https://bugzilla.redhat.com/show_bug.cgi?id=1224211.
--
Thanks.
HATAYAMA, Daisuke
From 398deee74edb06b54b8a74c25697cd6d977d8f2d Mon Sep 17
From: HATAYAMA Daisuke
Subject: Re: [systemd-devel] [PATCH] selinux: fix missing SELinux unit access
check
Date: Wed, 10 Jun 2015 12:18:48 +0900 (JST)
> From: Lennart Poettering
> Subject: Re: [systemd-devel] [PATCH] selinux: fix missing SELinux unit access
> check
> Date: Mon, 8
From: Lennart Poettering
Subject: Re: [systemd-devel] [PATCH] selinux: fix missing SELinux unit access
check
Date: Mon, 8 Jun 2015 12:37:14 +0200
> On Mon, 08.06.15 19:00, HATAYAMA Daisuke (d.hatay...@jp.fujitsu.com) wrote:
>
>> Currently, SELinux unit access check is not performe
the given Unit file.
Signed-off-by: HATAYAMA Daisuke
---
src/core/selinux-access.c | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c
index decd42f..36bdbcc 100644
--- a/src/core/selinux-access.c
+++ b/src/core/selinux
(2014/08/28 4:46), Lennart Poettering wrote:
On Wed, 27.08.14 09:47, HATAYAMA, Daisuke (d.hatay...@jp.fujitsu.com) wrote:
Sounds like the right option here... I have now added a slightly
different patch (1dedb74a2e1d840b531b76b01a76979f3b57456b) that does
this.
Thanks! But this could
(2014/08/27 4:17), Lennart Poettering wrote:
On Mon, 25.08.14 12:32, HATAYAMA Daisuke (d.hatay...@jp.fujitsu.com) wrote:
Hello,
Heya!
When trapping SIGTERM in a script and running systemctl from the
script, systemctl sometimes hangs with tty-ask-password agent process.
Hmm, so in
Hello,
When trapping SIGTERM in a script and running systemctl from the
script, systemctl sometimes hangs with tty-ask-password agent process.
I have no idea whether systemd developpers think this is a bug or
not. If this is a bug, I have three ideas to fix this. This patch is
based on the 1).
1
there's no configuring daemon's soft limit at the same time in
one configuration on systemd framework?
Thanks.
HATAYAMA, Daisuke
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
t
limit by one configuration in systemd framework.
BTW, I heard systemd-coredump for the first time. Does this mean some
particular feature of systemd concerning core dump?
Thanks.
HATAYAMA, Daisuke
___
systemd-devel mailing list
systemd-devel@lists.fre
his can be done by defining DAEMON_COREFILE_LIMIT in
/etc/sysconfig/init.
BTW, I know abrt can collect daemon process's coredump and can be used for this
purpose, but the question is the case where abrt is not used.
Thanks.
HATAYAMA, Daisuke
__
17 matches
Mail list logo