1 |
Greg KH posted <20040705200509.GB18900@×××××.com>, excerpted below, on |
2 |
Mon, 05 Jul 2004 13:05:09 -0700: |
3 |
|
4 |
> On Mon, Jul 05, 2004 at 09:33:34AM -0700, Duncan wrote: |
5 |
>> That's not a sufficient test. Mainline 2.6 kernels have standard Linux |
6 |
>> security capabilities broken out into their own module, now. Thus, it |
7 |
>> can be compiled in as traditional, compiled as a module (my |
8 |
>> configuration, with it specifically loaded at boot, since the kernel |
9 |
>> isn't smart enough to auto-load it on its own, yet) |
10 |
> |
11 |
> And how would you expect such a "auto-load" system to work for the |
12 |
> capabilities module? |
13 |
|
14 |
I really don't know. I really don't know how the kernel knows to load a |
15 |
LOT of the modules, but it does. |
16 |
|
17 |
Here's what I'd /suppose/. |
18 |
|
19 |
When BIND for instance attempted to load, and asked for a (generic) |
20 |
capacity not present in the kernel, instead of the kernel simply saying |
21 |
that capacity (generic sense, altho in this case it applies to the |
22 |
capacities module, specifically, as well) isn't available, it would check |
23 |
for the module in the standard location, and load it if it found it, then |
24 |
supply the requested (generic) capacity. |
25 |
|
26 |
Of course, from my simple viewpoint, that's no different than what |
27 |
happens now, when a (generic) capacity from one of the auto-loading |
28 |
modules is requested, causing it to be "auto-magically" loaded. |
29 |
Obviously, I'm missing something, but I'm not sure exactly what. All I |
30 |
know is that Capabilities can be modulized, now, but the first time I |
31 |
tried it (on Mandrake, which I'm switching from), BIND had a fit, so I had |
32 |
to go put it on the list to load specifically. |
33 |
|
34 |
BTW, thanks for the reply. It's been interesting at times, watching |
35 |
people respond to your posts, not having /any/ idea that you ARE one of |
36 |
the kernel developers, indeed, UDEV wouldn't be the same without you. <g> |
37 |
You don't wear it on your sleeve, or in a sig, like some would, and your |
38 |
name doesn't quite stand out like "Linus" would. =:^) |
39 |
|
40 |
(There's an interesting object lesson in studying the pictures of, say, |
41 |
Bill Gates when he had that pie thrown at him, against, say, Linus sitting |
42 |
on the dunk tank board. That ordinary user availability is one reason I'm |
43 |
here and no longer on an MS platform. I'd consider the fact that you |
44 |
don't find it necessary to put your kernel connections in your sig, a |
45 |
similar mark of humbleness and availability to the ordinary user, tho |
46 |
others may simply find it confusing.) |
47 |
|
48 |
-- |
49 |
Duncan - List replies preferred. No HTML msgs. |
50 |
"They that can give up essential liberty to obtain a little |
51 |
temporary safety, deserve neither liberty nor safety." -- |
52 |
Benjamin Franklin |
53 |
|
54 |
|
55 |
|
56 |
-- |
57 |
gentoo-dev@g.o mailing list |