Re: [systemd-devel] [PATCH 2/2] ima: Write the policy filename into IMA's sysfs policy file

Patchset imported to github. To create a pull request, one of the main developers has to initiate one via: -- Generated by https://github.com/haraldh/mail2git _

[systemd-devel] [PATCH 1/2] ima: Have IMA policy loaded from /etc/sysconfig or /etc/default.

From: Stefan Berger Fedora has its policy in /etc/sysconfig/ima-policy while Ubuntu has it in /etc/default/ima-policy. So we try to read the IMA policy from one location and try it from another location if it couldn't be found. To maintainer backwards compatibility, we also try /etc/ima/ima-polic

Re: [systemd-devel] [PATCH 1/2] ima: Have IMA policy loaded from /etc/sysconfig or /etc/default.

On Mon, Nov 28, 2016 at 02:17:19PM -0500, Stefan Berger wrote: > From: Stefan Berger > > Fedora has its policy in /etc/sysconfig/ima-policy while Ubuntu > has it in /etc/default/ima-policy. So we try to read the IMA policy > from one location and try it from another location if it couldn't > be f

[systemd-devel] [PATCH 2/2] ima: Write the policy filename into IMA's sysfs policy file

From: Stefan Berger IMA validates file signatures based on the security.ima xattr. As of Linux-4.7, instead of copying the IMA policy into the securityfs policy, the IMA policy pathname can be written, allowing the IMA policy file signature to be validated. This patch modifies the existing code

Re: [systemd-devel] sd-bus: Implementing Variant concept: Copying sd-bus message contents

On Sat, 26.11.16 16:01, Stanislav Angelovič ([email protected]) wrote: > Hi, > > A quick question: Is it possible to append contents (the serialized data) > of an sd-bus message to another sd-bus message? Conversely, is it possible > to extract a part of sd-bus message contents into a separat

Re: [systemd-devel] systemd-sysv-generator bug ?

On Mon, 28.11.16 15:28, Cédric BRINER ([email protected]) wrote: > To summarize our understanding: > - you cannot use systemd to stop a daemon that was not started with a > systemd tools. Daemon launched with systemd could be one: > - with a .service on systemd > - launched with systemd-run

[systemd-devel] Status of "presets override sysadmin's choices"

Hi, I'm resurrecting this subject because it seems that some works happened around this issue but it seems to have been lost somehow. The latest work I found is the "preset-transient" one [1], which is in my understanding about having symlinks created by the preset commands in /run/systemd/ thus

Re: [systemd-devel] systemd-sysv-generator bug ?

To summarize our understanding: - you cannot use systemd to stop a daemon that was not started with a systemd tools. Daemon launched with systemd could be one: - with a .service on systemd - launched with systemd-run So if you log into a terminal and launch the daemon with a /usr/bin/my_daemon &

[systemd-devel] How to process core dump before reboot

We want to reboot the system when a particular daemon is crashing . Hence we added OnFailure tag in the service file to invoke the reboot service. It's correctly rebooting the system whenever the particular daemon is crashing . But it reboots immediately without waiting for core dump to be processe