Hey, On Tue, 2004-08-31 at 09:41, Alexander Larsson wrote: > On Tue, 2004-08-31 at 09:33, Frederic Crozat wrote: > > Well, if we can see the patch, maybe :) > > I was pretty sure i attached it... Must have forgotten. Looks reasonably straightforward to me. Approval 1 of 2. Cheers, Mark.
> Hey, > > On Tue, 2004-08-31 at 09:41, Alexander Larsson wrote: >> On Tue, 2004-08-31 at 09:33, Frederic Crozat wrote: >> > Well, if we can see the patch, maybe :) >> >> I was pretty sure i attached it... Must have forgotten. > > Looks reasonably straightforward to me. Approval 1 of 2. 2 of 2. Murray Cumming murrayc <at> murrayc.com www.murrayc.com www.openismus.com
On Tue, 2004-08-31 at 12:39 +0200, Martin Pitt wrote: > Hi David, hi Utopia readers! > > I updated my patches for the upstream version 0.2.97. Since it is > tedious to maintain them properly against the rapidly chaning hal > code, would you consider applying at least some of them? Yeah. Sorry for the lag btw. I do think this is important to work on, however, as it is right now, the callouts need to run as root and thus, effectively, hald needs to run as root. I've discussed earlier having a helper process to do the callouts; there might be other ways though. > Most of the > stuff fixes bugs and is completely independent from privilege dropping > anyway and none of the patches are Debian specific. How does this work; is the Debian package using --drop-privileges as default? > 01_log_to_syslog.patch: actually log to syslog, not to the void > This I don't think is a good idea; hald should never log to the system log, not even if an ioctl fails. If there is a bug in hald ask the user to run with --daemon=no --verbose=yes. > 02_ioctl_errors.patch: intercept unchecked ioctl calls and log > failures(Continue reading)
Hi David! On 2004-09-03 20:41 +0200, David Zeuthen wrote: > I do think this is important to work on, however, as it is right now, > the callouts need to run as root and thus, effectively, hald needs to > run as root. I've discussed earlier having a helper process to do the > callouts; there might be other ways though. Our Company's distribution does use another way; we do not mangle fstab, but use a suid root wrapper around mount that allows users to mount removeable devices if a certain policy is fulfilled. This way, the amount of code that runs as root is kept to a minimum, fstab is not touched any more and hald can run as normal user. > > Most of the > > stuff fixes bugs and is completely independent from privilege dropping > > anyway and none of the patches are Debian specific. > > How does this work; is the Debian package using --drop-privileges as > default? By now these changes are not contained in Debian, they are just proposed as a patch (I'm not the maintainer of hal in Debian). However, our Company's distribution uses this modified package for quite a while now. The patch proposed to Debian asks a Debconf question (default no) whether hald should run as root. Our company then just needs to change the default to yes and don't show the question.(Continue reading)
I have just read that Longhorn will allow system administrators to disabled USB pen or music players to be ‘mounted’ on the system.
This may be usefull for entreprise that don’t want enployees to bring viruses or steal documents.
Maybe, it could be implemented somewhere in project-utopia.
_______________________________________________ utopia-list mailing list utopia-list <at> gnome.org http://mail.gnome.org/mailman/listinfo/utopia-list
> This may be usefull for entreprise that don’t want enployees to bring > viruses or steal documents. Thats more for a general policy system, eg the pmount mount wrapper that already exists (weather it will be included in the stack, I do not know)
David et al, Just read the O'Reilly piece on Utopia/HAL. Nice to see you getting some press on all your great work. You put the end to the question "I just plugged my blah-blah into my usb port, how do I get it to work?" Watching this all mature over the last 7 months, I don't think anyone could have done better. Even hal-device-manager, which I've heard you call a hack, is 10K times better than trying to walk /sys via ls and cat. Utopia is a good description. Andrew
Hi, > Just read the O'Reilly piece on Utopia/HAL. Nice to see you getting some > press on all your great work. You put the end to the question "I just > plugged my blah-blah into my usb port, how do I get it to work?" > Watching this all mature over the last 7 months, I don't think anyone > could have done better. Even hal-device-manager, which I've heard you > call a hack, is 10K times better than trying to walk /sys via ls and > cat. Utopia is a good description. I wrote that article and I am pleased that it has had such a good response. The response has not only been great about Project Utopia but also the problems facing the kernel. There is some great productive discussion going on within the different comments on the different sites the article was mentioned on. Jono -- -- Jono Bacon - http://www.jonobacon.org/ Writer / Journalist / Consultant / Developer
Hey Robert, Here is a patch for gnome-volume-manager such that policy is not enforced when media is inserted into a drive that another process has a hal advisory lock on. This is useful as it solves the problem of g-v-m popping up a burn Nautilus window when nautilus-cd-burner is asking me to insert a disc. Hence, with this patch n-c-b can just lock the hal device object representing the drive. Btw, I think Alexander Larsson is working on such a patch for n-c-b. The patch also bumps the requirement to the latest and greatest version of hal as only this one got Joe's sweet locking code in. Thanks, David
_______________________________________________ utopia-list mailing list utopia-list <at> gnome.org http://mail.gnome.org/mailman/listinfo/utopia-list
On Mon, 2004-09-20 at 16:49 +0200, David Zeuthen wrote: Hey David! > Here is a patch for gnome-volume-manager such that policy is not > enforced when media is inserted into a drive that another process has a > hal advisory lock on. > > This is useful as it solves the problem of g-v-m popping up a burn > Nautilus window when nautilus-cd-burner is asking me to insert a disc. > Hence, with this patch n-c-b can just lock the hal device object > representing the drive. Btw, I think Alexander Larsson is working on > such a patch for n-c-b. > > The patch also bumps the requirement to the latest and greatest version > of hal as only this one got Joe's sweet locking code in. Nice. Patch merged to HEAD. Thanks, Robert Love
RSS Feed1 | |
|---|---|
3 | |
1 | |
4 | |
10 | |
3 | |
2 | |
7 | |
1 | |
6 | |
1 | |
1 | |
12 | |
63 | |
1 | |
4 | |
43 | |
3 | |
9 | |
50 | |
5 | |
17 | |
110 | |
12 | |
1 | |
5 | |
10 | |
15 | |
22 | |
139 | |
60 | |
61 | |
64 | |
31 |
