From: Nigel Kukard <nkukard@lbsd.net>
To: Daniel J Walsh <dwalsh@redhat.com>
Cc: Stephen Smalley <sds@epoch.ncsc.mil>,
SELinux <selinux@tycho.nsa.gov>,
Colin Walters <walters@redhat.com>,
Nalin Dahyabhai <nalin@redhat.com>,
openssh-unix-dev@mindrot.org
Subject: Re: Please review openssh patch for selinux
Date: Tue, 7 Sep 2004 18:28:24 +0200 [thread overview]
Message-ID: <20040907162824.GU10151@lbsd.net> (raw)
In-Reply-To: <41377E8A.2030707@redhat.com>
[-- Attachment #1.1: Type: text/plain, Size: 609 bytes --]
As posted, here is an updated patch which allows openssh to be built
with non-selinux config.
(Hi openssh guys, forwarding this to you incase you interested including
it into the devel version of openssh. Please let us know if you have any
suggestions or changes that need to be made)
Regards
Nigel Kukard
On Thu, Sep 02, 2004 at 04:11:54PM -0400, Daniel J Walsh wrote:
> New SSH patch.
>
> Provides the capability of doing
>
> ssh hostname -l root/sysadm_r
>
> suggested by Collin.
>
> I used the / instead of : to preserve the BSD syntax.
>
> Comments?
>
>
> Dan
>
[-- Attachment #1.2: openssh-3.9p1_selinux.patch --]
[-- Type: text/plain, Size: 16520 bytes --]
Author: Daniel J Walsh <dwalsh@redhat.com>
Date: 02/09/2004
Source: selinux@tycho.nsa.gov mailing list
ChangeLog:
07/09/2004 - Nigel Kukard <nkukard@lbsd.net>
o Fixed patch to work with non-selinux configuration
Changes:
Makefile.in | 2
auth.h | 3 +
auth1.c | 11 +++++
auth2.c | 17 +++++++
config.h.in | 3 +
configure.ac | 13 ++++++
contrib/redhat/sshd.init | 9 ++++
monitor.c | 29 +++++++++++++
monitor.h | 2
monitor_wrap.c | 18 ++++++++
monitor_wrap.h | 3 +
selinux.c | 101 +++++++++++++++++++++++++++++++++++++++++++++++
selinux.h | 10 ++++
session.c | 8 +++
sshpty.c | 8 +++
15 files changed, 234 insertions(+), 3 deletions(-)
diff -u --new-file --recursive openssh-3.9p1_vanilla/Makefile.in openssh-3.9p1_selinux/Makefile.in
--- openssh-3.9p1_vanilla/Makefile.in 2004-08-15 13:01:37.000000000 +0200
+++ openssh-3.9p1_selinux/Makefile.in 2004-09-07 17:41:15.000000000 +0200
@@ -76,7 +76,7 @@
sshconnect.o sshconnect1.o sshconnect2.o
SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
- sshpty.o sshlogin.o servconf.o serverloop.o \
+ sshpty.o sshlogin.o servconf.o serverloop.o selinux.o \
auth.o auth1.o auth2.o auth-options.o session.o \
auth-chall.o auth2-chall.o groupaccess.o \
auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \
diff -u --new-file --recursive openssh-3.9p1_vanilla/auth.h openssh-3.9p1_selinux/auth.h
--- openssh-3.9p1_vanilla/auth.h 2004-05-24 02:36:23.000000000 +0200
+++ openssh-3.9p1_selinux/auth.h 2004-09-07 18:03:09.000000000 +0200
@@ -57,6 +57,9 @@
char *service;
struct passwd *pw; /* set if 'valid' */
char *style;
+#ifdef WITH_SELINUX
+ char *role;
+#endif
void *kbdintctxt;
#ifdef BSD_AUTH
auth_session_t *as;
diff -u --new-file --recursive openssh-3.9p1_vanilla/auth1.c openssh-3.9p1_selinux/auth1.c
--- openssh-3.9p1_vanilla/auth1.c 2004-08-12 14:40:25.000000000 +0200
+++ openssh-3.9p1_selinux/auth1.c 2004-09-07 18:04:03.000000000 +0200
@@ -284,6 +284,9 @@
{
u_int ulen;
char *user, *style = NULL;
+#ifdef WITH_SELINUX
+ char *role=NULL;
+#endif
/* Get the name of the user that we wish to log in as. */
packet_read_expect(SSH_CMSG_USER);
@@ -292,11 +295,19 @@
user = packet_get_string(&ulen);
packet_check_eom();
+#ifdef WITH_SELINUX
+ if ((role = strchr(user, '/')) != NULL)
+ *role++ = '\0';
+#endif
+
if ((style = strchr(user, ':')) != NULL)
*style++ = '\0';
authctxt->user = user;
authctxt->style = style;
+#ifdef WITH_SELINUX
+ authctxt->role = role;
+#endif
/* Verify that the user is a valid user. */
if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL)
diff -u --new-file --recursive openssh-3.9p1_vanilla/auth2.c openssh-3.9p1_selinux/auth2.c
--- openssh-3.9p1_vanilla/auth2.c 2004-08-12 14:40:25.000000000 +0200
+++ openssh-3.9p1_selinux/auth2.c 2004-09-07 18:06:25.000000000 +0200
@@ -133,6 +133,9 @@
Authctxt *authctxt = ctxt;
Authmethod *m = NULL;
char *user, *service, *method, *style = NULL;
+#ifdef WITH_SELINUX
+ char *role = NULL;
+#endif
int authenticated = 0;
if (authctxt == NULL)
@@ -144,6 +147,11 @@
debug("userauth-request for user %s service %s method %s", user, service, method);
debug("attempt %d failures %d", authctxt->attempt, authctxt->failures);
+#ifdef WITH_SELINUX
+ if ((role = strchr(user, '/')) != NULL)
+ *role++ = 0;
+#endif
+
if ((style = strchr(user, ':')) != NULL)
*style++ = 0;
@@ -170,8 +178,15 @@
use_privsep ? " [net]" : "");
authctxt->service = xstrdup(service);
authctxt->style = style ? xstrdup(style) : NULL;
- if (use_privsep)
+#ifdef WITH_SELINUX
+ authctxt->role = role ? xstrdup(role) : NULL;
+#endif
+ if (use_privsep) {
mm_inform_authserv(service, style);
+#ifdef WITH_SELINUX
+ mm_inform_authrole(role);
+#endif
+ }
} else if (strcmp(user, authctxt->user) != 0 ||
strcmp(service, authctxt->service) != 0) {
packet_disconnect("Change of username or service not allowed: "
diff -u --new-file --recursive openssh-3.9p1_vanilla/config.h.in openssh-3.9p1_selinux/config.h.in
--- openssh-3.9p1_vanilla/config.h.in 2004-08-17 14:54:51.000000000 +0200
+++ openssh-3.9p1_selinux/config.h.in 2004-09-07 17:41:15.000000000 +0200
@@ -265,6 +265,9 @@
/* Define if you want Kerberos 5 support */
#undef KRB5
+/* Define if have want SELinux support */
+#undef WITH_SELINUX
+
/* Define this if you are using the Heimdal version of Kerberos V5 */
#undef HEIMDAL
diff -u --new-file --recursive openssh-3.9p1_vanilla/configure.ac openssh-3.9p1_selinux/configure.ac
--- openssh-3.9p1_vanilla/configure.ac 2004-08-16 15:12:06.000000000 +0200
+++ openssh-3.9p1_selinux/configure.ac 2004-09-07 17:41:15.000000000 +0200
@@ -2218,6 +2218,18 @@
[#include <arpa/nameser.h>])
])
+# Check whether user wants SELinux support
+SELINUX_MSG="no"
+AC_ARG_WITH(selinux,
+ [ --with-selinux Enable SELinux support],
+ [ if test "x$withval" != "xno" ; then
+ AC_DEFINE(WITH_SELINUX)
+ SELINUX_MSG="yes"
+ AC_CHECK_HEADERS(selinux.h)
+ LIBS="$LIBS -lselinux"
+ fi
+ ])
+
# Check whether user wants Kerberos 5 support
KRB5_MSG="no"
AC_ARG_WITH(kerberos5,
@@ -2973,6 +2985,7 @@
echo " Manpage format: $MANTYPE"
echo " PAM support: $PAM_MSG"
echo " KerberosV support: $KRB5_MSG"
+echo " SELinux support: $SELINUX_MSG"
echo " Smartcard support: $SCARD_MSG"
echo " S/KEY support: $SKEY_MSG"
echo " TCP Wrappers support: $TCPW_MSG"
diff -u --new-file --recursive openssh-3.9p1_vanilla/contrib/redhat/sshd.init openssh-3.9p1_selinux/contrib/redhat/sshd.init
--- openssh-3.9p1_vanilla/contrib/redhat/sshd.init 2002-05-10 04:19:23.000000000 +0200
+++ openssh-3.9p1_selinux/contrib/redhat/sshd.init 2004-09-07 17:41:15.000000000 +0200
@@ -35,6 +35,9 @@
if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
chmod 600 $RSA1_KEY
chmod 644 $RSA1_KEY.pub
+ if [ -x /sbin/restorecon ]; then
+ /sbin/restorecon $RSA1_KEY.pub
+ fi
success $"RSA1 key generation"
echo
else
@@ -51,6 +54,9 @@
if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then
chmod 600 $RSA_KEY
chmod 644 $RSA_KEY.pub
+ if [ -x /sbin/restorecon ]; then
+ /sbin/restorecon $RSA_KEY.pub
+ fi
success $"RSA key generation"
echo
else
@@ -67,6 +73,9 @@
if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then
chmod 600 $DSA_KEY
chmod 644 $DSA_KEY.pub
+ if [ -x /sbin/restorecon ]; then
+ /sbin/restorecon $DSA_KEY.pub
+ fi
success $"DSA key generation"
echo
else
diff -u --new-file --recursive openssh-3.9p1_vanilla/monitor.c openssh-3.9p1_selinux/monitor.c
--- openssh-3.9p1_vanilla/monitor.c 2004-07-17 09:05:14.000000000 +0200
+++ openssh-3.9p1_selinux/monitor.c 2004-09-07 18:01:38.000000000 +0200
@@ -127,6 +127,10 @@
int mm_answer_sesskey(int, Buffer *);
int mm_answer_sessid(int, Buffer *);
+#ifdef WITH_SELINUX
+int mm_answer_authrole(int, Buffer *);
+#endif
+
#ifdef USE_PAM
int mm_answer_pam_start(int, Buffer *);
int mm_answer_pam_account(int, Buffer *);
@@ -178,6 +182,9 @@
{MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv},
{MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner},
{MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},
+#ifdef WITH_SELINUX
+ {MONITOR_REQ_AUTHROLE, MON_ONCE, mm_answer_authrole},
+#endif
#ifdef USE_PAM
{MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start},
{MONITOR_REQ_PAM_ACCOUNT, 0, mm_answer_pam_account},
@@ -602,6 +609,9 @@
else {
/* Allow service/style information on the auth context */
monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1);
+#ifdef WITH_SELINUX
+ monitor_permit(mon_dispatch, MONITOR_REQ_AUTHROLE, 1);
+#endif
monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1);
}
@@ -646,6 +656,25 @@
return (0);
}
+#ifdef WITH_SELINUX
+int
+mm_answer_authrole(int sock, Buffer *m)
+{
+ monitor_permit_authentications(1);
+
+ authctxt->role = buffer_get_string(m, NULL);
+ debug3("%s: style=%s",
+ __func__, authctxt->role);
+
+ if (strlen(authctxt->role) == 0) {
+ xfree(authctxt->role);
+ authctxt->role = NULL;
+ }
+
+ return (0);
+}
+#endif
+
int
mm_answer_authpassword(int sock, Buffer *m)
{
diff -u --new-file --recursive openssh-3.9p1_vanilla/monitor.h openssh-3.9p1_selinux/monitor.h
--- openssh-3.9p1_vanilla/monitor.h 2003-11-17 13:18:22.000000000 +0200
+++ openssh-3.9p1_selinux/monitor.h 2004-09-07 18:08:22.000000000 +0200
@@ -30,7 +30,7 @@
enum monitor_reqtype {
MONITOR_REQ_MODULI, MONITOR_ANS_MODULI,
- MONITOR_REQ_FREE, MONITOR_REQ_AUTHSERV,
+ MONITOR_REQ_FREE, MONITOR_REQ_AUTHSERV, MONITOR_REQ_AUTHROLE,
MONITOR_REQ_SIGN, MONITOR_ANS_SIGN,
MONITOR_REQ_PWNAM, MONITOR_ANS_PWNAM,
MONITOR_REQ_AUTH2_READ_BANNER, MONITOR_ANS_AUTH2_READ_BANNER,
diff -u --new-file --recursive openssh-3.9p1_vanilla/monitor_wrap.c openssh-3.9p1_selinux/monitor_wrap.c
--- openssh-3.9p1_vanilla/monitor_wrap.c 2004-07-17 09:05:14.000000000 +0200
+++ openssh-3.9p1_selinux/monitor_wrap.c 2004-09-07 18:14:58.000000000 +0200
@@ -274,6 +274,24 @@
buffer_free(&m);
}
+/* Inform the privileged process about role */
+#ifdef WITH_SELINUX
+void
+mm_inform_authrole(char *role)
+{
+ Buffer m;
+
+ debug3("%s entering", __func__);
+
+ buffer_init(&m);
+ buffer_put_cstring(&m, role ? role : "");
+
+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHROLE, &m);
+
+ buffer_free(&m);
+}
+#endif
+
/* Do the password authentication */
int
mm_auth_password(Authctxt *authctxt, char *password)
diff -u --new-file --recursive openssh-3.9p1_vanilla/monitor_wrap.h openssh-3.9p1_selinux/monitor_wrap.h
--- openssh-3.9p1_vanilla/monitor_wrap.h 2004-06-22 04:56:02.000000000 +0200
+++ openssh-3.9p1_selinux/monitor_wrap.h 2004-09-07 18:13:13.000000000 +0200
@@ -44,6 +44,9 @@
DH *mm_choose_dh(int, int, int);
int mm_key_sign(Key *, u_char **, u_int *, u_char *, u_int);
void mm_inform_authserv(char *, char *);
+#ifdef WITH_SELINUX
+void mm_inform_authrole(char *);
+#endif
struct passwd *mm_getpwnamallow(const char *);
char *mm_auth2_read_banner(void);
int mm_auth_password(struct Authctxt *, char *);
diff -u --new-file --recursive openssh-3.9p1_vanilla/selinux.c openssh-3.9p1_selinux/selinux.c
--- openssh-3.9p1_vanilla/selinux.c 1970-01-01 02:00:00.000000000 +0200
+++ openssh-3.9p1_selinux/selinux.c 2004-09-07 17:41:15.000000000 +0200
@@ -0,0 +1,101 @@
+#include "includes.h"
+#include "auth.h"
+#include "log.h"
+
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#include <selinux/flask.h>
+#include <selinux/context.h>
+#include <selinux/get_context_list.h>
+#include <selinux/get_default_type.h>
+extern Authctxt *the_authctxt;
+
+static const security_context_t selinux_get_user_context(const char *name) {
+ security_context_t user_context=NULL;
+ if (get_default_context(name,NULL,&user_context)) {
+ if (security_getenforce() > 0)
+ fatal("Failed to get default security context for %s.", name);
+ else
+ error("Failed to get default security context for %s. Continuing in permissve mode", name);
+ } else {
+ if (the_authctxt) {
+ char *role=the_authctxt->role;
+ if (role != NULL && role[0]) {
+ char *type;
+ if (get_default_type(role, &type) < 0) {
+ if (security_getenforce() > 0)
+ fatal("Failed to get default type for role %s, user %s.", role, name);
+ else
+ error("Failed to get default type for role %s, user %s. Continuing in permissive mode", role, name);
+ } else {
+ context_t newcon=context_new(user_context);
+ if (context_role_set(newcon, role) != 0) {
+ context_free(newcon);
+ if (security_getenforce() > 0)
+ fatal("Failed to set role %s for %s.", role, name);
+ else
+ error("Failed to set role %s for %s. Continuing in permissive mode", role, name);
+ } else if (context_type_set(newcon, type) != 0) {
+ context_free(newcon);
+ if (security_getenforce() > 0)
+ fatal("Failed to set type %s for %s.", role, name);
+ else
+ error("Failed to set type %s for %s. Continuing in permissive mode", role, name);
+ } else {
+ freecon(user_context);
+ user_context = strdup(context_str(newcon));
+ context_free(newcon);
+ }
+ }
+ }
+ }
+ }
+ return user_context;
+}
+
+void setup_selinux_pty(const char *name, const char *tty) {
+ if (is_selinux_enabled() > 0) {
+ security_context_t new_tty_context=NULL, user_context=NULL, old_tty_context=NULL;
+
+ user_context=selinux_get_user_context(name);
+
+ if (getfilecon(tty, &old_tty_context) < 0) {
+ error("getfilecon(%.100s) failed: %.100s", tty, strerror(errno));
+ } else {
+ if (security_compute_relabel(user_context,old_tty_context,
+ SECCLASS_CHR_FILE,
+ &new_tty_context) != 0) {
+ error("security_compute_relabel(%.100s) failed: %.100s", tty,
+ strerror(errno));
+ } else {
+ if (setfilecon (tty, new_tty_context) != 0)
+ error("setfilecon(%.100s, %s) failed: %.100s",
+ tty, new_tty_context,
+ strerror(errno));
+ freecon(new_tty_context);
+ }
+ freecon(old_tty_context);
+ }
+ if (user_context) {
+ freecon(user_context);
+ }
+ }
+}
+
+void setup_selinux_exec_context(char *name) {
+
+ if (is_selinux_enabled() > 0) {
+ security_context_t user_context=selinux_get_user_context(name);
+ if (setexeccon(user_context)) {
+ if (security_getenforce() > 0)
+ fatal("Failed to set exec security context %s for %s.", user_context, name);
+ else
+ error("Failed to set exec security context %s for %s. Continuing in permissive mode", user_context, name);
+ }
+ if (user_context) {
+ freecon(user_context);
+ }
+ }
+}
+
+#endif /* WITH_SELINUX */
diff -u --new-file --recursive openssh-3.9p1_vanilla/selinux.h openssh-3.9p1_selinux/selinux.h
--- openssh-3.9p1_vanilla/selinux.h 1970-01-01 02:00:00.000000000 +0200
+++ openssh-3.9p1_selinux/selinux.h 2004-09-07 17:41:16.000000000 +0200
@@ -0,0 +1,10 @@
+#ifndef __SELINUX_H_
+#define __SELINUX_H_
+#ifdef WITH_SELINUX
+extern void setup_selinux_pty(const char *name, const char *tty);
+extern void setup_selinux_exec_context(const char *name);
+#else
+inline void setup_selinux_pty(const char *name, const char *tty) {}
+inline void setup_selinux_exec_context(const char *name) {}
+#endif /* WITH_SELINUX */
+#endif /* __SELINUX_H_ */
diff -u --new-file --recursive openssh-3.9p1_vanilla/session.c openssh-3.9p1_selinux/session.c
--- openssh-3.9p1_vanilla/session.c 2004-08-12 14:40:25.000000000 +0200
+++ openssh-3.9p1_selinux/session.c 2004-09-07 17:41:56.000000000 +0200
@@ -58,6 +58,10 @@
#include "session.h"
#include "monitor_wrap.h"
+#ifdef WITH_SELINUX
+#include "selinux.h"
+#endif
+
#if defined(KRB5) && defined(USE_AFS)
#include <kafs.h>
#endif
@@ -1304,6 +1308,10 @@
#endif
if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
fatal("Failed to set uids to %u.", (u_int) pw->pw_uid);
+
+#ifdef WITH_SELINUX
+ setup_selinux_exec_context(pw->pw_name);
+#endif
}
static void
diff -u --new-file --recursive openssh-3.9p1_vanilla/sshpty.c openssh-3.9p1_selinux/sshpty.c
--- openssh-3.9p1_vanilla/sshpty.c 2004-06-22 04:56:02.000000000 +0200
+++ openssh-3.9p1_selinux/sshpty.c 2004-09-07 17:42:39.000000000 +0200
@@ -22,6 +22,10 @@
#include "log.h"
#include "misc.h"
+#ifdef WITH_SELINUX
+#include "selinux.h"
+#endif
+
#ifdef HAVE_PTY_H
# include <pty.h>
#endif
@@ -200,6 +204,10 @@
fatal("stat(%.100s) failed: %.100s", tty,
strerror(errno));
+#ifdef WITH_SELINUX
+ setup_selinux_pty(pw->pw_name, tty);
+#endif
+
if (st.st_uid != pw->pw_uid || st.st_gid != gid) {
if (chown(tty, pw->pw_uid, gid) < 0) {
if (errno == EROFS &&
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
next prev parent reply other threads:[~2004-09-07 16:29 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-08-24 8:18 policy patch Russell Coker
2004-08-24 12:23 ` Stephen Smalley
2004-08-24 16:54 ` Russell Coker
2004-08-27 20:58 ` James Carter
2004-08-28 13:46 ` Russell Coker
2004-08-30 20:24 ` James Carter
2004-09-02 12:46 ` Latest Patches Daniel J Walsh
2004-09-02 12:54 ` Stephen Smalley
2004-09-02 15:23 ` Daniel J Walsh
2004-09-02 15:46 ` Stephen Smalley
2004-09-02 15:53 ` Daniel J Walsh
2004-09-02 16:48 ` Stephen Smalley
2004-09-02 16:57 ` Stephen Smalley
2004-09-02 19:48 ` Luke Kenneth Casson Leighton
2004-09-02 19:42 ` Daniel J Walsh
2004-09-02 20:23 ` Luke Kenneth Casson Leighton
2004-09-02 13:10 ` Stephen Smalley
2004-09-02 13:38 ` Russell Coker
2004-09-02 14:46 ` Stephen Smalley
2004-09-02 15:52 ` Proposed Hardware File Context file Daniel J Walsh
2004-09-02 19:38 ` Stephen Smalley
2004-09-02 19:48 ` Daniel J Walsh
2004-09-02 19:59 ` Stephen Smalley
2004-09-02 20:08 ` Daniel J Walsh
2004-09-02 20:09 ` Stephen Smalley
2004-09-02 20:15 ` Daniel J Walsh
2004-09-02 23:30 ` Colin Walters
2004-09-03 11:28 ` Stephen Smalley
2004-09-03 13:17 ` Luke Kenneth Casson Leighton
2004-09-03 13:33 ` Stephen Smalley
2004-09-03 14:38 ` Luke Kenneth Casson Leighton
2004-09-03 16:28 ` Stephen Smalley
2004-09-03 17:03 ` Luke Kenneth Casson Leighton
2004-09-09 16:52 ` Daniel J Walsh
2004-09-02 22:45 ` Luke Kenneth Casson Leighton
2004-09-02 20:11 ` Please review openssh patch for selinux Daniel J Walsh
2004-09-03 12:48 ` Stephen Smalley
2004-09-04 11:21 ` Daniel J Walsh
2004-09-07 19:14 ` Stephen Smalley
2004-09-06 18:23 ` Nigel Kukard
2004-09-07 16:28 ` Nigel Kukard [this message]
2004-09-02 22:59 ` Proposed Hardware File Context file Luke Kenneth Casson Leighton
2004-09-02 19:54 ` Luke Kenneth Casson Leighton
2004-09-02 19:51 ` Daniel J Walsh
2004-09-02 15:38 ` Latest Patches Daniel J Walsh
2004-09-02 17:15 ` Luke Kenneth Casson Leighton
2004-09-02 18:56 ` James Carter
2004-09-02 13:27 ` Russell Coker
2004-09-02 16:30 ` Joshua Brindle
2004-09-02 16:40 ` Stephen Smalley
2004-09-02 18:00 ` Daniel J Walsh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040907162824.GU10151@lbsd.net \
--to=nkukard@lbsd.net \
--cc=dwalsh@redhat.com \
--cc=nalin@redhat.com \
--cc=openssh-unix-dev@mindrot.org \
--cc=sds@epoch.ncsc.mil \
--cc=selinux@tycho.nsa.gov \
--cc=walters@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.