From from-tomoyo-dev-en at I-love.SAKURA.ne.jp Sun Dec 1 20:31:23 2013 From: from-tomoyo-dev-en at I-love.SAKURA.ne.jp (Tetsuo Handa) Date: Sun, 1 Dec 2013 20:31:23 +0900 Subject: [tomoyo-dev-en 368] Re: [PATCH 1/2] init_policy: drop unneededexceptions when systemd installed In-Reply-To: <1384893671-8168-1-git-send-email-shawn@churchofgit.com> References: <1384893671-8168-1-git-send-email-shawn@churchofgit.com> Message-ID: <201312012031.FEH48943.SNtEFUOPFPNZGPtPtW@I-love.SAKURA.ne.jp> Hello Shawn. I applied below patches with some modification, for I thought we should not remove (e.g.) /usr/sbin/sshd from initialize_domain entries (even if the system uses systemd) in case (e.g.) /usr/sbin/sshd is directly executed from the shell. [PATCH 1/2] init_policy: drop unneededexceptions when systemd installed [PATCH 2/2] init_policy: add Debian multi-archlib directories to make_ldconfig_readable_files() [PATCH] init_policy: do not let 'systemctldaemon-reexec' confuse tomoyo If you have problems with my modification, please let me know. Thank you. From shawn at churchofgit.com Thu Dec 5 01:03:05 2013 From: shawn at churchofgit.com (Shawn Landden) Date: Wed, 4 Dec 2013 08:03:05 -0800 Subject: [tomoyo-dev-en 369] Re: [PATCH 1/2] init_policy: drop unneededexceptions when systemd installed In-Reply-To: <201312012031.FEH48943.SNtEFUOPFPNZGPtPtW@I-love.SAKURA.ne.jp> References: <1384893671-8168-1-git-send-email-shawn@churchofgit.com> <201312012031.FEH48943.SNtEFUOPFPNZGPtPtW@I-love.SAKURA.ne.jp> Message-ID: On Sun, Dec 1, 2013 at 3:31 AM, Tetsuo Handa wrote: > Hello Shawn. > > I applied below patches with some modification, for I thought we should not > remove (e.g.) /usr/sbin/sshd from initialize_domain entries (even if the > system uses systemd) in case (e.g.) /usr/sbin/sshd is directly executed from > the shell. > > [PATCH 1/2] init_policy: drop unneededexceptions when systemd installed When systemd is installed, it actually hijacks /etc/init.d/* scripts to run systemd, so they get run by systemd even if called from the shell. So this patch, with the exception of direct binary execution like the /usr/sbin/sshd example you gave, should still, IMHO, be applied. > [PATCH 2/2] init_policy: add Debian multi-archlib directories to make_ldconfig_readable_files() thanks > [PATCH] init_policy: do not let 'systemctldaemon-reexec' confuse tomoyo your modification is fine. > > If you have problems with my modification, please let me know. > > Thank you. > > _______________________________________________ > tomoyo-dev-en mailing list > tomoyo-dev-en at lists.sourceforge.jp > http://lists.sourceforge.jp/mailman/listinfo/tomoyo-dev-en From shawn at churchofgit.com Thu Dec 5 05:36:57 2013 From: shawn at churchofgit.com (Shawn Landden) Date: Wed, 4 Dec 2013 12:36:57 -0800 Subject: [tomoyo-dev-en 370] Re: [PATCH 1/2] init_policy: drop unneededexceptions when systemd installed In-Reply-To: References: <1384893671-8168-1-git-send-email-shawn@churchofgit.com> <201312012031.FEH48943.SNtEFUOPFPNZGPtPtW@I-love.SAKURA.ne.jp> Message-ID: On Wed, Dec 4, 2013 at 8:03 AM, Shawn Landden wrote: > On Sun, Dec 1, 2013 at 3:31 AM, Tetsuo Handa > wrote: >> Hello Shawn. >> >> I applied below patches with some modification, for I thought we should not >> remove (e.g.) /usr/sbin/sshd from initialize_domain entries (even if the >> system uses systemd) in case (e.g.) /usr/sbin/sshd is directly executed from >> the shell. >> >> [PATCH 1/2] init_policy: drop unneededexceptions when systemd installed > When systemd is installed, it actually hijacks /etc/init.d/* scripts > to run systemd, so they > get run by systemd even if called from the shell. So this patch, with > the exception of direct binary execution > like the /usr/sbin/sshd example you gave, should still, IMHO, be applied. It can do this becuase most of those scripts do this: . /lib/lsb/init-functions which is then hooked by systemd >> [PATCH 2/2] init_policy: add Debian multi-archlib directories to make_ldconfig_readable_files() > thanks >> [PATCH] init_policy: do not let 'systemctldaemon-reexec' confuse tomoyo > your modification is fine. >> >> If you have problems with my modification, please let me know. >> >> Thank you. >> >> _______________________________________________ >> tomoyo-dev-en mailing list >> tomoyo-dev-en at lists.sourceforge.jp >> http://lists.sourceforge.jp/mailman/listinfo/tomoyo-dev-en