On 5/11/2011 1:40 PM, Eric Paris wrote:
> On Wed, May 11, 2011 at 4:22 PM, Greg KH wrote:
>> On Wed, May 11, 2011 at 04:14:32PM -0400, Eric Paris wrote:
>>> On Wed, May 11, 2011 at 3:56 PM, Greg KH wrote:
On Wed, May 11, 2011 at 10:14:40AM -0700, Casey Schaufler wrote:
> I would prefer /
On 5/11/2011 12:56 PM, Greg KH wrote:
> On Wed, May 11, 2011 at 10:14:40AM -0700, Casey Schaufler wrote:
>> I would prefer /sys/security for all LSMs, but if SELinux goes with /sys/fs
>> Smack will likely follow on the theory that mirroring the current dominant
>> LSM is more likely to please the m
On Wed, 2011-05-11 at 16:14 -0400, Eric Paris wrote:
> On Wed, May 11, 2011 at 3:56 PM, Greg KH wrote:
> > On Wed, May 11, 2011 at 10:14:40AM -0700, Casey Schaufler wrote:
> >> I would prefer /sys/security for all LSMs, but if SELinux goes with /sys/fs
> >> Smack will likely follow on the theory t
On Wed, May 11, 2011 at 03:02:44PM -0700, Casey Schaufler wrote:
> On 5/11/2011 12:56 PM, Greg KH wrote:
> > On Wed, May 11, 2011 at 10:14:40AM -0700, Casey Schaufler wrote:
> >> I would prefer /sys/security for all LSMs, but if SELinux goes with /sys/fs
> >> Smack will likely follow on the theory
On Wed, May 11, 2011 at 04:40:33PM -0400, Eric Paris wrote:
> I'm willing to put in a day or two trying to move selinux to
> securityfs, but there is one thing I'm not sure how to handle, mainly
> when it comes to userspace backwards compat. Greg, maybe you can give
> me ideas.
>
> My biggest iss
On Wed, May 11, 2011 at 4:22 PM, Greg KH wrote:
> On Wed, May 11, 2011 at 04:14:32PM -0400, Eric Paris wrote:
>> On Wed, May 11, 2011 at 3:56 PM, Greg KH wrote:
>> > On Wed, May 11, 2011 at 10:14:40AM -0700, Casey Schaufler wrote:
>> >> I would prefer /sys/security for all LSMs, but if SELinux go
On Wed, May 11, 2011 at 04:14:32PM -0400, Eric Paris wrote:
> On Wed, May 11, 2011 at 3:56 PM, Greg KH wrote:
> > On Wed, May 11, 2011 at 10:14:40AM -0700, Casey Schaufler wrote:
> >> I would prefer /sys/security for all LSMs, but if SELinux goes with /sys/fs
> >> Smack will likely follow on the t
On 05/11/2011 09:56 PM, Greg KH wrote:
> On Wed, May 11, 2011 at 10:14:40AM -0700, Casey Schaufler wrote:
>> I would prefer /sys/security for all LSMs, but if SELinux goes with /sys/fs
>> Smack will likely follow on the theory that mirroring the current dominant
>> LSM is more likely to please the
On Wed, May 11, 2011 at 3:56 PM, Greg KH wrote:
> On Wed, May 11, 2011 at 10:14:40AM -0700, Casey Schaufler wrote:
>> I would prefer /sys/security for all LSMs, but if SELinux goes with /sys/fs
>> Smack will likely follow on the theory that mirroring the current dominant
>> LSM is more likely to p
On Wed, May 11, 2011 at 10:14:40AM -0700, Casey Schaufler wrote:
> I would prefer /sys/security for all LSMs, but if SELinux goes with /sys/fs
> Smack will likely follow on the theory that mirroring the current dominant
> LSM is more likely to please the masses than doing what the greatest number
>
On Wed, May 11, 2011 at 12:40:56PM -0400, Eric Paris wrote:
> On Wed, May 11, 2011 at 12:35 PM, Eric Paris wrote:
> > On Tue, May 10, 2011 at 6:34 PM, Greg KH wrote:
> >>
> >> From: Greg Kroah-Hartman
> >>
> >> In the interest of keeping userspace from having to create new root
> >> filesystems
On 5/11/2011 7:58 AM, Eric Paris wrote:
> On Wed, May 11, 2011 at 10:54 AM, John Johansen
> wrote:
>> On 05/11/2011 04:52 PM, Kay Sievers wrote:
>>> On Wed, May 11, 2011 at 16:43, Greg KH wrote:
On Wed, May 11, 2011 at 04:27:59PM +0200, Kay Sievers wrote:
> On Wed, May 11, 2011 at 15:54,
On 5/11/2011 7:43 AM, Greg KH wrote:
> On Wed, May 11, 2011 at 04:27:59PM +0200, Kay Sievers wrote:
>> On Wed, May 11, 2011 at 15:54, Greg KH wrote:
>>> On Wed, May 11, 2011 at 01:22:42PM +0200, John Johansen wrote:
On 05/11/2011 03:59 AM, Greg KH wrote:
> On Tue, May 10, 2011 at 03:55:24
On Wed, May 11, 2011 at 12:35:24PM -0400, Eric Paris wrote:
> On Tue, May 10, 2011 at 6:34 PM, Greg KH wrote:
> >
> > From: Greg Kroah-Hartman
> >
> > In the interest of keeping userspace from having to create new root
> > filesystems all the time, let's follow the lead of the other in-kernel
> >
On Wed, May 11, 2011 at 12:35 PM, Eric Paris wrote:
> On Tue, May 10, 2011 at 6:34 PM, Greg KH wrote:
>>
>> From: Greg Kroah-Hartman
>>
>> In the interest of keeping userspace from having to create new root
>> filesystems all the time, let's follow the lead of the other in-kernel
>> filesystems
On Tue, May 10, 2011 at 6:34 PM, Greg KH wrote:
>
> From: Greg Kroah-Hartman
>
> In the interest of keeping userspace from having to create new root
> filesystems all the time, let's follow the lead of the other in-kernel
> filesystems and provide a proper mount point for it in sysfs.
>
> For sel
On Wed, 2011-05-11 at 16:52 +0200, Kay Sievers wrote:
> On Wed, May 11, 2011 at 16:43, Greg KH wrote:
> > On Wed, May 11, 2011 at 04:27:59PM +0200, Kay Sievers wrote:
> >> On Wed, May 11, 2011 at 15:54, Greg KH wrote:
> >> > On Wed, May 11, 2011 at 01:22:42PM +0200, John Johansen wrote:
> >> >> O
Quoting Eric Paris (epa...@parisplace.org):
> On Wed, May 11, 2011 at 11:13 AM, Stephen Smalley wrote:
> > On Wed, 2011-05-11 at 10:58 -0400, Eric Paris wrote:
> >> On Wed, May 11, 2011 at 10:54 AM, John Johansen
>
> >> > AppArmor, Tomoyo and IMA all create their own subdirectoy under
> >> > sec
On Wed, 2011-05-11 at 10:58 -0400, Eric Paris wrote:
> On Wed, May 11, 2011 at 10:54 AM, John Johansen
> wrote:
> > On 05/11/2011 04:52 PM, Kay Sievers wrote:
> >> On Wed, May 11, 2011 at 16:43, Greg KH wrote:
> >>> On Wed, May 11, 2011 at 04:27:59PM +0200, Kay Sievers wrote:
> On Wed, May 1
On Wed, 2011-05-11 at 08:13 -0700, Greg KH wrote:
> On Wed, May 11, 2011 at 10:54:38AM -0400, Stephen Smalley wrote:
> > On Wed, 2011-05-11 at 16:27 +0200, Kay Sievers wrote:
> > > Just to get an idea how all this fits together. How can TPM bios and
> > > IMA/AppArmor share this directory? They hav
On Wed, May 11, 2011 at 11:50:57AM -0400, Eric Paris wrote:
> On Wed, May 11, 2011 at 11:13 AM, Stephen Smalley wrote:
> > On Wed, 2011-05-11 at 10:58 -0400, Eric Paris wrote:
> >> On Wed, May 11, 2011 at 10:54 AM, John Johansen
>
> >> > AppArmor, Tomoyo and IMA all create their own subdirectoy u
On Wed, May 11, 2011 at 11:13 AM, Stephen Smalley wrote:
> On Wed, 2011-05-11 at 10:58 -0400, Eric Paris wrote:
>> On Wed, May 11, 2011 at 10:54 AM, John Johansen
>> > AppArmor, Tomoyo and IMA all create their own subdirectoy under securityfs
>> > so this should not be a problem
>>
>> I guess the
On Wed, May 11, 2011 at 11:30:52AM -0400, Stephen Smalley wrote:
> On Wed, 2011-05-11 at 08:13 -0700, Greg KH wrote:
> > On Wed, May 11, 2011 at 10:54:38AM -0400, Stephen Smalley wrote:
> > > On Wed, 2011-05-11 at 16:27 +0200, Kay Sievers wrote:
> > > > Just to get an idea how all this fits togethe
On Wed, May 11, 2011 at 10:54:38AM -0400, Stephen Smalley wrote:
> On Wed, 2011-05-11 at 16:27 +0200, Kay Sievers wrote:
> > Just to get an idea how all this fits together. How can TPM bios and
> > IMA/AppArmor share this directory? They have their own subdirs in
> > there, or both just use the sec
On Wed, 2011-05-11 at 10:58 -0400, Eric Paris wrote:
> On Wed, May 11, 2011 at 10:54 AM, John Johansen
> wrote:
> > On 05/11/2011 04:52 PM, Kay Sievers wrote:
> >> On Wed, May 11, 2011 at 16:43, Greg KH wrote:
> >>> On Wed, May 11, 2011 at 04:27:59PM +0200, Kay Sievers wrote:
> On Wed, May 1
On Wed, May 11, 2011 at 16:58, Eric Paris wrote:
> On Wed, May 11, 2011 at 10:54 AM, John Johansen
>> AppArmor, Tomoyo and IMA all create their own subdirectoy under securityfs
>> so this should not be a problem
>
> I guess the question is, should SELinux try to move to /sys/fs/selinux
> or /sys/
On Wed, May 11, 2011 at 10:54 AM, John Johansen
wrote:
> On 05/11/2011 04:52 PM, Kay Sievers wrote:
>> On Wed, May 11, 2011 at 16:43, Greg KH wrote:
>>> On Wed, May 11, 2011 at 04:27:59PM +0200, Kay Sievers wrote:
On Wed, May 11, 2011 at 15:54, Greg KH wrote:
> On Wed, May 11, 2011 at 0
On Wed, 2011-05-11 at 16:27 +0200, Kay Sievers wrote:
> On Wed, May 11, 2011 at 15:54, Greg KH wrote:
> > On Wed, May 11, 2011 at 01:22:42PM +0200, John Johansen wrote:
> >> On 05/11/2011 03:59 AM, Greg KH wrote:
> >> > On Tue, May 10, 2011 at 03:55:24PM -0700, Casey Schaufler wrote:
> >> >> On 5/
On 05/11/2011 04:52 PM, Kay Sievers wrote:
> On Wed, May 11, 2011 at 16:43, Greg KH wrote:
>> On Wed, May 11, 2011 at 04:27:59PM +0200, Kay Sievers wrote:
>>> On Wed, May 11, 2011 at 15:54, Greg KH wrote:
On Wed, May 11, 2011 at 01:22:42PM +0200, John Johansen wrote:
> On 05/11/2011 03:5
On Wed, May 11, 2011 at 16:43, Greg KH wrote:
> On Wed, May 11, 2011 at 04:27:59PM +0200, Kay Sievers wrote:
>> On Wed, May 11, 2011 at 15:54, Greg KH wrote:
>> > On Wed, May 11, 2011 at 01:22:42PM +0200, John Johansen wrote:
>> >> On 05/11/2011 03:59 AM, Greg KH wrote:
>> >> > On Tue, May 10, 20
On Wed, May 11, 2011 at 04:27:59PM +0200, Kay Sievers wrote:
> On Wed, May 11, 2011 at 15:54, Greg KH wrote:
> > On Wed, May 11, 2011 at 01:22:42PM +0200, John Johansen wrote:
> >> On 05/11/2011 03:59 AM, Greg KH wrote:
> >> > On Tue, May 10, 2011 at 03:55:24PM -0700, Casey Schaufler wrote:
> >> >
On Wed, May 11, 2011 at 15:54, Greg KH wrote:
> On Wed, May 11, 2011 at 01:22:42PM +0200, John Johansen wrote:
>> On 05/11/2011 03:59 AM, Greg KH wrote:
>> > On Tue, May 10, 2011 at 03:55:24PM -0700, Casey Schaufler wrote:
>> >> On 5/10/2011 3:34 PM, Greg KH wrote:
>> >>> From: Greg Kroah-Hartman
On Wed, May 11, 2011 at 01:22:42PM +0200, John Johansen wrote:
> On 05/11/2011 03:59 AM, Greg KH wrote:
> > On Tue, May 10, 2011 at 03:55:24PM -0700, Casey Schaufler wrote:
> >> On 5/10/2011 3:34 PM, Greg KH wrote:
> >>> From: Greg Kroah-Hartman
> >>>
> >>> In the interest of keeping userspace fro
On Tue, May 10, 2011 at 10:28:36PM -0400, Mimi Zohar wrote:
> On Tue, 2011-05-10 at 18:59 -0700, Greg KH wrote:
> > On Tue, May 10, 2011 at 03:55:24PM -0700, Casey Schaufler wrote:
> > > On 5/10/2011 3:34 PM, Greg KH wrote:
> > > > From: Greg Kroah-Hartman
> > > >
> > > > In the interest of keepin
On 05/11/2011 03:59 AM, Greg KH wrote:
> On Tue, May 10, 2011 at 03:55:24PM -0700, Casey Schaufler wrote:
>> On 5/10/2011 3:34 PM, Greg KH wrote:
>>> From: Greg Kroah-Hartman
>>>
>>> In the interest of keeping userspace from having to create new root
>>> filesystems all the time, let's follow the
On 05/11/2011 03:59 AM, Greg KH wrote:
> On Tue, May 10, 2011 at 03:55:24PM -0700, Casey Schaufler wrote:
>> On 5/10/2011 3:34 PM, Greg KH wrote:
>>> From: Greg Kroah-Hartman
>>>
>>> In the interest of keeping userspace from having to create new root
>>> filesystems all the time, let's follow the
On Tue, 2011-05-10 at 18:59 -0700, Greg KH wrote:
> On Tue, May 10, 2011 at 03:55:24PM -0700, Casey Schaufler wrote:
> > On 5/10/2011 3:34 PM, Greg KH wrote:
> > > From: Greg Kroah-Hartman
> > >
> > > In the interest of keeping userspace from having to create new root
> > > filesystems all the tim
On Tue, May 10, 2011 at 03:55:24PM -0700, Casey Schaufler wrote:
> On 5/10/2011 3:34 PM, Greg KH wrote:
> > From: Greg Kroah-Hartman
> >
> > In the interest of keeping userspace from having to create new root
> > filesystems all the time, let's follow the lead of the other in-kernel
> > filesystem
On 5/10/2011 3:34 PM, Greg KH wrote:
> From: Greg Kroah-Hartman
>
> In the interest of keeping userspace from having to create new root
> filesystems all the time, let's follow the lead of the other in-kernel
> filesystems and provide a proper mount point for it in sysfs.
>
> For selinuxfs, this m
From: Greg Kroah-Hartman
In the interest of keeping userspace from having to create new root
filesystems all the time, let's follow the lead of the other in-kernel
filesystems and provide a proper mount point for it in sysfs.
For selinuxfs, this mount point should be in /sys/fs/selinux/
Cc: St
On Mon, May 02, 2011 at 06:54:18PM -0400, Eric Paris wrote:
> On Mon, 2011-05-02 at 15:02 -0700, Greg KH wrote:
> > On Mon, May 02, 2011 at 09:24:40AM -0400, Stephen Smalley wrote:
> > > On Fri, 2011-04-29 at 18:19 -0700, Greg KH wrote:
> > > > From: Greg Kroah-Hartman
> > > >
> > > > In the inte
On Mon, 2011-05-02 at 15:02 -0700, Greg KH wrote:
> On Mon, May 02, 2011 at 09:24:40AM -0400, Stephen Smalley wrote:
> > On Fri, 2011-04-29 at 18:19 -0700, Greg KH wrote:
> > > From: Greg Kroah-Hartman
> > >
> > > In the interest of keeping userspace from having to create new root
> > > filesyste
On Mon, May 02, 2011 at 09:24:40AM -0400, Stephen Smalley wrote:
> On Fri, 2011-04-29 at 18:19 -0700, Greg KH wrote:
> > From: Greg Kroah-Hartman
> >
> > In the interest of keeping userspace from having to create new root
> > filesystems all the time, let's follow the lead of the other in-kernel
On Mon, 02.05.11 09:24, Stephen Smalley (s...@tycho.nsa.gov) wrote:
> Added dependency: Any system that uses SELinux will need to enable and
> mount sysfs (or alternatively create at least a fake /sys/fs directory).
> I assume that sysfs is fairly universal at this point though, like
> proc?
Yes
On Mon, May 02, 2011 at 10:34:38AM -0400, Mimi Zohar wrote:
> On Fri, 2011-04-29 at 18:19 -0700, Greg KH wrote:
> > From: Greg Kroah-Hartman
> >
> > In the interest of keeping userspace from having to create new root
> > filesystems all the time, let's follow the lead of the other in-kernel
> > f
On Fri, 2011-04-29 at 18:19 -0700, Greg KH wrote:
> From: Greg Kroah-Hartman
>
> In the interest of keeping userspace from having to create new root
> filesystems all the time, let's follow the lead of the other in-kernel
> filesystems and provide a proper mount point for it in sysfs.
>
> For se
On Mon, May 2, 2011 at 15:24, Stephen Smalley wrote:
> On Fri, 2011-04-29 at 18:19 -0700, Greg KH wrote:
>> From: Greg Kroah-Hartman
>>
>> In the interest of keeping userspace from having to create new root
>> filesystems all the time, let's follow the lead of the other in-kernel
>> filesystems a
On Fri, 2011-04-29 at 18:19 -0700, Greg KH wrote:
> From: Greg Kroah-Hartman
>
> In the interest of keeping userspace from having to create new root
> filesystems all the time, let's follow the lead of the other in-kernel
> filesystems and provide a proper mount point for it in sysfs.
>
> For se
From: Greg Kroah-Hartman
In the interest of keeping userspace from having to create new root
filesystems all the time, let's follow the lead of the other in-kernel
filesystems and provide a proper mount point for it in sysfs.
For selinuxfs, this mount point should be in /sys/fs/selinux/
Cc: St
49 matches
Mail list logo
