Gentoo Logo

About | Projects | Docs | Forums | Lists | Bugs | Get Gentoo! | Support | Planet | Wiki

Gentoo Spaceship
Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-amd64
Navigation:
Lists: gentoo-amd64: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-amd64@g.o
From: Kyle Lutze <kyle@...>
Subject: Re: Re: catch 22 with realtime-lsm and commoncap (capability dependency) modules
Date: Sun, 23 Apr 2006 20:51:55 -0700 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Duncan wrote:
> Kyle Lutze posted <444C0482.4090408@...>, excerpted below,  on
> Sun, 23 Apr 2006 15:49:38 -0700:
> 
>> re-emerging jack-audio-connection-kit with "-caps" did the trick, go
>> figure. everything else was perfect
>>
>> on a side note, if capabilities was replaced by realtime and lsm, why is
>> capabilities still in the 2.6 kernel?
> 
> I'm not familiar with the 2.4 capacities module and how it worked, so
> can't answer that aspect of the question.  However, in kernel 2.6, there's
> the Linux Security Module (LSM) framework.  It's designed to expose the
> necessary kernel hooks for any of several different security module
> approaches in a pluggable way, so any of several modules can be enabled to
> take advantage of it.
> 
> In 2.6, the capacities module is implemented using LSM, designed to plug
> into LSM and to provide the "traditional" Linux security implementation. 
> Apparently, realtime-lsm is a second available plugin.  IIRC there's at
> least a third as well, the BSD audit security framework, and I believe I
> read that SELinux has a module too, tho for all I know it uses the BSD
> audit module, perhaps with a few modifications, not its own separate
> module.
> 
> It shouldn't therefore be entirely surprising that realtime-lsm and
> capacities conflict, as they are probably fighting for control of the same
> thing.  Is it possible to use two different LSMs together in any case?  I
> don't know, but it's evident that there's a conflict here.  It appears you
> can use one or the other but not both at the same time.  You plug in one,
> and it takes at least part of the interface the other one would plug
> into, so you can't plug in the other.
> 

ahh the downfall of linux, people can't decide on one thing, so they
make two seperate ones, programs you use at the same time require both,
you get the shaft. Argg!!!

Kyle
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2-ecc0.1.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFETEtbVFIipMnXxfYRAiLLAKCBq1djFyxTymPK992BGFL1zOgwrgCfUTv9
rDbAKAQtCy64TvKmVS6uFP4=
=RlMf
-----END PGP SIGNATURE-----
-- 
gentoo-amd64@g.o mailing list
Replies:
Re: Re: catch 22 with realtime-lsm and commoncap (capability dependency) modules
-- Mark Knecht
References:
catch 22 with realtime-lsm and commoncap (capability dependency) modules
-- Kyle Lutze
Re: catch 22 with realtime-lsm and commoncap (capability dependency) modules
-- Mark Knecht
Re: catch 22 with realtime-lsm and commoncap (capability dependency) modules
-- Kyle Lutze
Re: catch 22 with realtime-lsm and commoncap (capability dependency) modules
-- Mark Knecht
Re: catch 22 with realtime-lsm and commoncap (capability dependency) modules
-- Kyle Lutze
Re: catch 22 with realtime-lsm and commoncap (capability dependency) modules
-- Duncan
Navigation:
Lists: gentoo-amd64: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: catch 22 with realtime-lsm and commoncap (capability dependency) modules
Next by thread:
Re: Re: catch 22 with realtime-lsm and commoncap (capability dependency) modules
Previous by date:
Re: catch 22 with realtime-lsm and commoncap (capability dependency) modules
Next by date:
Re: Re: catch 22 with realtime-lsm and commoncap (capability dependency) modules


Updated Jun 17, 2009

Summary: Archive of the gentoo-amd64 mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.