Re: [systemd-devel] Design patterns for privilege separating systemd services?

On Thu, 18 Feb 2021 17:01:10 -0500 "Colin Walters" wrote: > The thing I mainly like about socketpair() is that I know it's *only* > accessible via the fd - it's > https://en.wikipedia.org/wiki/Capability-based_security - except > Linux has kind of broken that by creating /proc/N/fd anyways. So >

[systemd-devel] Antw: [EXT] Re: Looking for known memory leaks triggered by stress testing add/remove/up/down interfaces

>>> Lennart Poettering schrieb am 18.02.2021 um 19:30 in Nachricht : ... > entry instead of asking for new memory again. This allocation cache is > a bit quicker then going to malloc() all the time, but means if you > just watch the heap you'll assume there's a leak even though there > isn't reall

Re: [systemd-devel] Design patterns for privilege separating systemd services?

On Thu, Feb 18, 2021, at 4:33 PM, Lennart Poettering wrote: > 1. So we have another RFE which I am very sympathetic to which is to >add an Open= setting to service unit files, which could be used to >open any kind of file at activation time and pass it via our usual >socket activati

Re: [systemd-devel] Design patterns for privilege separating systemd services?

On Mi, 17.02.21 12:50, Colin Walters (walt...@verbum.org) wrote: > I'm having a debate with the SSSD team over here around multiple > systemd units and privilege separation: > https://github.com/SSSD/sssd/issues/3412 > > And we also had a related topic come up in Fedora CoreOS where we > have a pr

Re: [systemd-devel] Looking for known memory leaks triggered by stress testing add/remove/up/down interfaces

On Thu, 18 Feb 2021, Lennart Poettering wrote: > On Do, 18.02.21 11:48, Robert P. J. Day (rpj...@crashcourse.ca) wrote: > > > A colleague has reported the following apparent issue in a fairly > > old (v230) version of systemd -- this is in a Yocto Project Wind River > > Linux 9 build, hence the

Re: [systemd-devel] Looking for known memory leaks triggered by stress testing add/remove/up/down interfaces

On Do, 18.02.21 11:48, Robert P. J. Day (rpj...@crashcourse.ca) wrote: > A colleague has reported the following apparent issue in a fairly > old (v230) version of systemd -- this is in a Yocto Project Wind River > Linux 9 build, hence the age of the package. > > As reported to me (and I'm gath

[systemd-devel] Looking for known memory leaks triggered by stress testing add/remove/up/down interfaces

A colleague has reported the following apparent issue in a fairly old (v230) version of systemd -- this is in a Yocto Project Wind River Linux 9 build, hence the age of the package. As reported to me (and I'm gathering more info), the system was being put through some "longevity testing" by

[systemd-devel] setting up journal-remote

Hi, I'm trying to setup journal-remote between 2 hosts (Ubuntu 20.04 server and CentOS 8 client). I've installed on both systemd systemd-journal-remote and on server I enabled systemd-journal-remote.service and socket. I just did small update in service file to use http instead of https: ExecStar