From: Andrew Morton <akpm@osdl.org>
To: Chris Wright <chrisw@osdl.org>
Cc: andrea@suse.de, linux-kernel@vger.kernel.org, kenneth.w.chen@intel.com
Subject: Re: disable-cap-mlock
Date: Thu, 1 Apr 2004 17:30:34 -0800 [thread overview]
Message-ID: <20040401173034.16e79fee.akpm@osdl.org> (raw)
In-Reply-To: <20040401170705.Y22989@build.pdx.osdl.net>
Chris Wright <chrisw@osdl.org> wrote:
>
> * Andrea Arcangeli (andrea@suse.de) wrote:
> > Oracle needs this sysctl, I designed it and Ken Chen implemented it. I
> > guess google also won't dislike it.
> >
> > This is a lot simpler than the mlock rlimit and this is people really
> > need (not the rlimit). The rlimit thing can still be applied on top of
> > this. This should be more efficient too (besides its simplicity).
> >
> > can you apply to mainline?
>
> This patch seems like the wrong hack to work around missing mlock rlimit
> functionality. Wouldn't it be better to fix the core problem, and leave
> this patch out of mainline? I agree with Rik, such a fix (mlock/rlimit)
> will make all the gpg users feel warm and fuzzy ;-)
Rumour has it that the more exhasperated among us are brewing up a patch to
login.c which will allow capabilities to be retained after the setuid. So
you do
echo "oracle CAP_IPC_LOCK" > /etc/logincap.conf
And that's it.
See any reason why this won't work?
next prev parent reply other threads:[~2004-04-02 1:28 UTC|newest]
Thread overview: 62+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-04-01 13:59 disable-cap-mlock Andrea Arcangeli
2004-04-01 14:12 ` disable-cap-mlock Martin Zwickel
2004-04-01 16:48 ` disable-cap-mlock William Lee Irwin III
2004-04-01 16:59 ` disable-cap-mlock Andrea Arcangeli
2004-04-01 17:11 ` disable-cap-mlock Marc-Christian Petersen
2004-04-01 17:16 ` disable-cap-mlock William Lee Irwin III
2004-04-01 17:34 ` disable-cap-mlock Andrea Arcangeli
2004-04-01 17:38 ` disable-cap-mlock William Lee Irwin III
2004-04-01 17:42 ` disable-cap-mlock Andrea Arcangeli
2004-04-01 17:37 ` disable-cap-mlock Stephen Smalley
2004-04-01 17:44 ` disable-cap-mlock William Lee Irwin III
2004-04-01 17:49 ` disable-cap-mlock Andrea Arcangeli
2004-04-01 17:51 ` disable-cap-mlock William Lee Irwin III
2004-04-01 18:12 ` disable-cap-mlock William Lee Irwin III
2004-04-01 17:52 ` disable-cap-mlock Marc-Christian Petersen
2004-04-01 17:54 ` disable-cap-mlock William Lee Irwin III
2004-04-01 18:47 ` disable-cap-mlock Stephen Smalley
2004-04-01 19:26 ` disable-cap-mlock William Lee Irwin III
2004-04-01 20:23 ` disable-cap-mlock Marc-Christian Petersen
2004-04-01 21:13 ` disable-cap-mlock William Lee Irwin III
2004-04-01 21:31 ` disable-cap-mlock Marc-Christian Petersen
2004-04-01 18:34 ` disable-cap-mlock Andrew Morton
2004-04-01 18:49 ` disable-cap-mlock Andrea Arcangeli
2004-04-01 18:52 ` disable-cap-mlock Chen, Kenneth W
2004-04-01 18:59 ` disable-cap-mlock William Lee Irwin III
2004-04-01 19:27 ` disable-cap-mlock James Morris
2004-04-02 10:39 ` disable-cap-mlock Pavel Machek
2004-04-02 23:44 ` disable-cap-mlock William Lee Irwin III
2004-04-01 19:44 ` disable-cap-mlock Rik van Riel
2004-04-01 19:52 ` disable-cap-mlock Andrew Morton
2004-04-01 22:36 ` disable-cap-mlock Andrea Arcangeli
2004-04-01 22:43 ` disable-cap-mlock Marc-Christian Petersen
2004-04-01 23:08 ` disable-cap-mlock Rik van Riel
2004-04-01 23:26 ` disable-cap-mlock Andrea Arcangeli
2004-04-02 0:59 ` disable-cap-mlock Chris Wright
2004-04-01 22:29 ` disable-cap-mlock Andrea Arcangeli
2004-04-02 1:07 ` disable-cap-mlock Chris Wright
2004-04-02 1:18 ` disable-cap-mlock Andrea Arcangeli
2004-04-02 1:30 ` disable-cap-mlock Chris Wright
2004-04-02 1:35 ` disable-cap-mlock Andrea Arcangeli
2004-04-02 2:04 ` disable-cap-mlock Chris Wright
2004-04-02 2:13 ` disable-cap-mlock Andrea Arcangeli
2004-04-02 2:21 ` disable-cap-mlock Chris Wright
2004-04-02 2:38 ` disable-cap-mlock Andrea Arcangeli
2004-04-02 2:48 ` disable-cap-mlock Chris Wright
2004-04-02 1:30 ` Andrew Morton [this message]
2004-04-02 1:59 ` disable-cap-mlock Chris Wright
2004-04-02 2:09 ` disable-cap-mlock Andrea Arcangeli
2004-04-02 2:30 ` disable-cap-mlock Andrew Morton
2004-04-02 2:33 ` disable-cap-mlock Chris Wright
2004-04-02 2:45 ` disable-cap-mlock Andrew Morton
2004-04-02 2:51 ` disable-cap-mlock Chris Wright
2004-04-02 3:21 ` disable-cap-mlock William Lee Irwin III
2004-04-02 2:41 ` disable-cap-mlock Andrea Arcangeli
2004-04-02 2:49 ` disable-cap-mlock Andrew Morton
2004-04-02 3:07 ` disable-cap-mlock Andrea Arcangeli
2004-04-02 21:35 ` disable-cap-mlock Andrew Morton
2004-04-02 22:36 ` disable-cap-mlock Chris Wright
2004-04-02 22:56 ` disable-cap-mlock Andrea Arcangeli
2004-04-02 23:01 ` disable-cap-mlock Andrew Morton
2004-04-02 23:18 ` disable-cap-mlock Chris Wright
2004-04-05 12:13 ` disable-cap-mlock Stephen Smalley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040401173034.16e79fee.akpm@osdl.org \
--to=akpm@osdl.org \
--cc=andrea@suse.de \
--cc=chrisw@osdl.org \
--cc=kenneth.w.chen@intel.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.