* Patch Review Process @ 2011-05-09 15:14 Steve Lawrence 2011-05-09 19:21 ` Guido Trentalancia 2011-05-09 19:38 ` Guido Trentalancia 0 siblings, 2 replies; 11+ messages in thread From: Steve Lawrence @ 2011-05-09 15:14 UTC (permalink / raw) To: SELinux Recently, I've not been merging patches at the rate that I would like. The delay is a problem itself, but it has also meant that people aren't certain of the status of the patches that have been submitted. I understand that this can be frustrating. Not only am I going to work harder to review and merge patches in a more timely manner, but also at providing better feedback more quickly. As such, I will make some simple changes. First, I will either quickly respond with a review, or reply with a confirmation that I received the patch and it has been added to our queue. Second, I will send out bi-weekly emails to the list detailing which patches have been reviewed, which patches I am currently working on, and the updated patch queue. While these changes are relatively minor, I think they should help to make the review process more transparent and less frustrating. To start this off, the current patch queue is at the bottom of this email. If you don't see a patch that you have submitted, or you have an updated version, please send the patch to this mailing list and I'll update the queue. For anyone wishing to submit a patch, the process remains the same: - Make sure the patch applies to the current HEAD of the git repo (http://oss.tresys.com/git/selinux.git). - Send it to this list using the Linux kernel submission standards (http://www.kernel.org/doc/Documentation/SubmittingPatches). Note: using git format-patch and git send-email will take care of most of this for you. - I will shortly respond with a confirmation Finally, if anyone has any suggestions on ways to make the patch review process better, my ears are all open. Current Patch Queue: checkpolicy: fix filename identifier http://marc.info/?l=selinux&m=130442985211760&w=2 selabel_open fix processing of substitution files (update) http://marc.info/?l=selinux&m=130314146920796&w=2 selinux_file_context_verify function returns wrong value http://marc.info/?l=selinux&m=129968866831934&w=2 Fix boolean handling in semanage http://marc.info/?l=selinux&m=125433524126271&w=2 Add modules support to semanage http://marc.info/?l=selinux&m=125433587727297&w=2 sandbox changes http://marc.info/?l=selinux&m=129226611027331&w=2 libselinux mountpoint changing http://marc.info/?l=selinux&m=130444622801373&w=2 Add note to checkmodule man page about versions http://marc.info/?l=selinux&m=127913558418720&w=2 Bug in restorecond for the first user logged in http://marc.info/?t=128164314700001&r=1&w=2 transactions in semanage man page http://marc.info/?l=selinux&m=127959379422398&w=2 libsemanage python3 support http://marc.info/?l=selinux&m=128025784525867&w=2 libselinux python3 support http://marc.info/?l=selinux&m=129226509225674&w=2 SETools patch: adding exclude type feature in queries http://marc.info/?l=selinux&m=128448149528834&w=2 Move newrole to file caps/libcapng http://marc.info/?l=selinux&m=129226621227513&w=2 Improve semodule performance http://marc.info/?l=selinux&m=128043503603540&w=2 Fix warning messages generated by GCC 4.6 http://marc.info/?l=selinux&m=127845525722194&w=2 sepolgen kernel policy version check http://marc.info/?l=selinux&m=128948444127169&w=2 Remove DEFAULTUSER handling from get_context_list http://marc.info/?l=selinux&m=129226509425687&w=2 sepolgen current patch from Fedora http://marc.info/?l=selinux&m=129226551726416&w=2 Improved error message for load_policy http://marc.info/?l=selinux&m=129226567426640&w=2 Semanage patch http://marc.info/?l=selinux&m=129233335310866&w=2 restorecond: Ignore IN_IGNORED inotify events http://marc.info/?l=selinux&m=125380417916233&w=2 setfiles/restorecond patch http://marc.info/?l=selinux&m=129226589026919&w=2 policycoreutils: update audit2allow manpage http://marc.info/?l=selinux&m=129304945226866&w=2 libsemanage: include MCS/MLS level when generating files_contexts.homedirs http://marc.info/?l=selinux&m=129421658323663&w=2 setfiles: provide an option to avoid abortion on a missing file http://marc.info/?l=selinux&m=129819885027010&w=2 minor improvements and clean-ups for setfiles http://marc.info/?l=selinux&m=129819262321520&w=2 policycoreutils scripts updates http://marc.info/?l=selinux&m=129226648427897&w=2 Fix options for policycoreutils binaries http://marc.info/?l=selinux&m=125718355929168&w=2 -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: Patch Review Process 2011-05-09 15:14 Patch Review Process Steve Lawrence @ 2011-05-09 19:21 ` Guido Trentalancia 2011-05-09 19:58 ` Steve Lawrence 2011-05-09 19:38 ` Guido Trentalancia 1 sibling, 1 reply; 11+ messages in thread From: Guido Trentalancia @ 2011-05-09 19:21 UTC (permalink / raw) To: Steve Lawrence; +Cc: SELinux Hello Steve ! On Mon, 2011-05-09 at 11:14 -0400, Steve Lawrence wrote: > Recently, I've not been merging patches at the rate that I would like. > The delay is a problem itself, but it has also meant that people aren't > certain of the status of the patches that have been submitted. > [cut] > > Finally, if anyone has any suggestions on ways to make the patch review > process better, my ears are all open. Yes, adding at least the name and/or email address of the submitter to the "Current Patch Queue" will probably help. Regards, Guido -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: Patch Review Process 2011-05-09 19:21 ` Guido Trentalancia @ 2011-05-09 19:58 ` Steve Lawrence 2011-05-13 7:53 ` Patch Review Process - Missing patch for selinux_set_mapping Richard Haines 2011-05-13 9:28 ` Patch Review Process Kohei Kaigai 0 siblings, 2 replies; 11+ messages in thread From: Steve Lawrence @ 2011-05-09 19:58 UTC (permalink / raw) To: Guido Trentalancia; +Cc: SELinux On 05/09/2011 03:21 PM, Guido Trentalancia wrote: > Hello Steve ! > > On Mon, 2011-05-09 at 11:14 -0400, Steve Lawrence wrote: >> Recently, I've not been merging patches at the rate that I would like. >> The delay is a problem itself, but it has also meant that people aren't >> certain of the status of the patches that have been submitted. >> > [cut] >> >> Finally, if anyone has any suggestions on ways to make the patch review >> process better, my ears are all open. > > Yes, adding at least the name and/or email address of the submitter to > the "Current Patch Queue" will probably help. > > Regards, > > Guido Sounds reasonable to me. The patch queue with names and emails is below: Current Patch Queue: checkpolicy: fix filename identifier Daniel J Walsh <dwalsh@redhat.com> http://marc.info/?l=selinux&m=130442985211760&w=2 selabel_open fix processing of substitution files (update) Richard Haines <richard_c_haines@btinternet.com> http://marc.info/?l=selinux&m=130314146920796&w=2 selinux_file_context_verify function returns wrong value Richard Haines <richard_c_haines@btinternet.com> http://marc.info/?l=selinux&m=129968866831934&w=2 Fix boolean handling in semanage Daniel J Walsh <dwalsh@redhat.com> http://marc.info/?l=selinux&m=125433524126271&w=2 Add modules support to semanage Daniel J Walsh <dwalsh@redhat.com> http://marc.info/?l=selinux&m=125433587727297&w=2 sandbox changes Daniel J Walsh <dwalsh@redhat.com> http://marc.info/?l=selinux&m=129226611027331&w=2 libselinux mountpoint changing Daniel J Walsh <dwalsh@redhat.com> http://marc.info/?l=selinux&m=130444622801373&w=2 Add note to checkmodule man page about versions Jason Axelson <jaxelson@referentia.com> http://marc.info/?l=selinux&m=127913558418720&w=2 Bug in restorecond for the first user logged in Chris Adams <cmadams@hiwaay.net> http://marc.info/?t=128164314700001&r=1&w=2 transactions in semanage man page Russell Coker <russell@coker.com.au> http://marc.info/?l=selinux&m=127959379422398&w=2 libsemanage python3 support Daniel J Walsh <dwalsh@redhat.com> http://marc.info/?l=selinux&m=128025784525867&w=2 libselinux python3 support Daniel J Walsh <dwalsh@redhat.com> http://marc.info/?l=selinux&m=129226509225674&w=2 SETools patch: adding exclude type feature in queries Roberto Sassu <roberto.sassu@polito.it> http://marc.info/?l=selinux&m=128448149528834&w=2 Move newrole to file caps/libcapng Daniel J Walsh <dwalsh@redhat.com> http://marc.info/?l=selinux&m=129226621227513&w=2 Improve semodule performance Matthew Robertson <Matthew.L.Robertson@boeing.com> http://marc.info/?l=selinux&m=128043503603540&w=2 Fix warning messages generated by GCC 4.6 Justin P. Mattock <justinmattock@gmail.com> http://marc.info/?l=selinux&m=127845525722194&w=2 sepolgen kernel policy version check Daniel J Walsh <dwalsh@redhat.com> http://marc.info/?l=selinux&m=128948444127169&w=2 Remove DEFAULTUSER handling from get_context_list Daniel J Walsh <dwalsh@redhat.com> http://marc.info/?l=selinux&m=129226509425687&w=2 sepolgen current patch from Fedora Daniel J Walsh <dwalsh@redhat.com> http://marc.info/?l=selinux&m=129226551726416&w=2 Improved error message for load_policy Daniel J Walsh <dwalsh@redhat.com> http://marc.info/?l=selinux&m=129226567426640&w=2 Semanage patch Daniel J Walsh <dwalsh@redhat.com> http://marc.info/?l=selinux&m=129233335310866&w=2 restorecond: Ignore IN_IGNORED inotify events Martin Orr <martin@martinorr.name> http://marc.info/?l=selinux&m=125380417916233&w=2 setfiles/restorecond patch Daniel J Walsh <dwalsh@redhat.com> http://marc.info/?l=selinux&m=129226589026919&w=2 policycoreutils: update audit2allow manpage Daniel J Walsh <dwalsh@redhat.com> http://marc.info/?l=selinux&m=129304945226866&w=2 libsemanage: include MCS/MLS level when generating files_contexts.homedirs Russell Coker <russell@coker.com.au> http://marc.info/?l=selinux&m=129421658323663&w=2 setfiles: provide an option to avoid abortion on a missing file Guido Trentalancia <guido@trentalancia.com> http://marc.info/?l=selinux&m=129819885027010&w=2 minor improvements and clean-ups for setfiles Guido Trentalancia <guido@trentalancia.com> http://marc.info/?l=selinux&m=129819262321520&w=2 policycoreutils scripts updates Daniel J Walsh <dwalsh@redhat.com> http://marc.info/?l=selinux&m=129226648427897&w=2 Fix options for policycoreutils binaries Guido Trentalancia <guido@trentalancia.com> http://marc.info/?l=selinux&m=125718355929168&w=2 -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: Patch Review Process - Missing patch for selinux_set_mapping 2011-05-09 19:58 ` Steve Lawrence @ 2011-05-13 7:53 ` Richard Haines 2011-05-13 9:28 ` Patch Review Process Kohei Kaigai 1 sibling, 0 replies; 11+ messages in thread From: Richard Haines @ 2011-05-13 7:53 UTC (permalink / raw) To: Steve Lawrence; +Cc: SELinux Steve, This patch is missing from your list. I sent on March 30th: [PATCH 1/1] mapping fix for invalid class/perms after selinux_set_mapping call Please find another libselinux patch. I've tested quite extensively with the compute_av and string functions with and without mapping and seems okay. The patch covers: When selinux_set_mapping(3) is used to set the class and permissions allowed by an object manager, then an invalid class and/or permissions are selected (e.g. using security_class_to_string), then mapping.c in libselinux forces an assert. This patch removes the asserts and allows the functions to return a class/perm of 0 (unknown) with errno set to EINVAL. A minor patch to set EINVAL in security_av_perm_to_string_compat is also included. All the functions to convert perms & classes to strings and back should now return the correct errno with or without mapping enabled. --- libselinux/src/mapping.c | 41 ++++++++++++++++++++++++++++------------- libselinux/src/stringrep.c | 4 +++- 2 files changed, 31 insertions(+), 14 deletions(-) diff --git a/libselinux/src/mapping.c b/libselinux/src/mapping.c index f9858ce..5bbb450 100644 --- a/libselinux/src/mapping.c +++ b/libselinux/src/mapping.c @@ -6,7 +6,6 @@ #include <stdio.h> #include <stdlib.h> #include <stdarg.h> -#include <assert.h> #include <selinux/selinux.h> #include <selinux/avc.h> #include "mapping.h" @@ -103,8 +102,13 @@ unmap_class(security_class_t tclass) if (tclass < current_mapping_size) return current_mapping[tclass].value; - assert(current_mapping_size == 0); - return tclass; + /* If here no mapping set or the class requested is not valid. */ + if (current_mapping_size != 0) { + errno = EINVAL; + return 0; + } + else + return tclass; } access_vector_t @@ -116,16 +120,19 @@ unmap_perm(security_class_t tclass, access_vector_t tperm) for (i=0; i<current_mapping[tclass].num_perms; i++) if (tperm & (1<<i)) { - assert(current_mapping[tclass].perms[i]); kperm |= current_mapping[tclass].perms[i]; tperm &= ~(1<<i); } - assert(tperm == 0); return kperm; } - assert(current_mapping_size == 0); - return tperm; + /* If here no mapping set or the perm requested is not valid. */ + if (current_mapping_size != 0) { + errno = EINVAL; + return 0; + } + else + return tperm; } /* @@ -141,8 +148,13 @@ map_class(security_class_t kclass) if (current_mapping[i].value == kclass) return i; - assert(current_mapping_size == 0); - return kclass; +/* If here no mapping set or the class requested is not valid. */ + if (current_mapping_size != 0) { + errno = EINVAL; + return 0; + } + else + return kclass; } access_vector_t @@ -157,11 +169,14 @@ map_perm(security_class_t tclass, access_vector_t kperm) tperm |= 1<<i; kperm &= ~current_mapping[tclass].perms[i]; } - assert(kperm == 0); - return tperm; - } - assert(current_mapping_size == 0); + if (tperm == 0) { + errno = EINVAL; + return 0; + } + else + return tperm; + } return kperm; } diff --git a/libselinux/src/stringrep.c b/libselinux/src/stringrep.c index b19bce7..f0167e7 100644 --- a/libselinux/src/stringrep.c +++ b/libselinux/src/stringrep.c @@ -401,8 +401,10 @@ static const char *security_av_perm_to_string_compat(security_class_t tclass, access_vector_t common_base = 0; unsigned int i; - if (!av) + if (!av) { + errno = EINVAL; return NULL; + } for (i = 0; i < ARRAY_SIZE(av_inherit); i++) { if (av_inherit[i].tclass == tclass) { -- 1.7.3.2 If you need me to re-submit for latest git let me know. Richard --- On Mon, 9/5/11, Steve Lawrence <slawrence@tresys.com> wrote: > From: Steve Lawrence <slawrence@tresys.com> > Subject: Re: Patch Review Process > To: "Guido Trentalancia" <guido@trentalancia.com> > Cc: "SELinux" <selinux@tycho.nsa.gov> > Date: Monday, 9 May, 2011, 20:58 > On 05/09/2011 03:21 PM, Guido > Trentalancia wrote: > > Hello Steve ! > > > > On Mon, 2011-05-09 at 11:14 -0400, Steve Lawrence > wrote: > >> Recently, I've not been merging patches at the > rate that I would like. > >> The delay is a problem itself, but it has also > meant that people aren't > >> certain of the status of the patches that have > been submitted. > >> > > [cut] > >> > >> Finally, if anyone has any suggestions on ways to > make the patch review > >> process better, my ears are all open. > > > > Yes, adding at least the name and/or email address of > the submitter to > > the "Current Patch Queue" will probably help. > > > > Regards, > > > > Guido > > Sounds reasonable to me. The patch queue with names and > emails is below: > > Current Patch Queue: > > checkpolicy: fix filename identifier > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=130442985211760&w=2 > > selabel_open fix processing of substitution files (update) > Richard Haines <richard_c_haines@btinternet.com> > http://marc.info/?l=selinux&m=130314146920796&w=2 > > selinux_file_context_verify function returns wrong value > Richard Haines <richard_c_haines@btinternet.com> > http://marc.info/?l=selinux&m=129968866831934&w=2 > > Fix boolean handling in semanage > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=125433524126271&w=2 > > Add modules support to semanage > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=125433587727297&w=2 > > sandbox changes > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129226611027331&w=2 > > libselinux mountpoint changing > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=130444622801373&w=2 > > Add note to checkmodule man page about versions > Jason Axelson <jaxelson@referentia.com> > http://marc.info/?l=selinux&m=127913558418720&w=2 > > Bug in restorecond for the first user logged in > Chris Adams <cmadams@hiwaay.net> > http://marc.info/?t=128164314700001&r=1&w=2 > > transactions in semanage man page > Russell Coker <russell@coker.com.au> > http://marc.info/?l=selinux&m=127959379422398&w=2 > > libsemanage python3 support > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=128025784525867&w=2 > > libselinux python3 support > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129226509225674&w=2 > > SETools patch: adding exclude type feature in queries > Roberto Sassu <roberto.sassu@polito.it> > http://marc.info/?l=selinux&m=128448149528834&w=2 > > Move newrole to file caps/libcapng > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129226621227513&w=2 > > Improve semodule performance > Matthew Robertson <Matthew.L.Robertson@boeing.com> > http://marc.info/?l=selinux&m=128043503603540&w=2 > > Fix warning messages generated by GCC 4.6 > Justin P. Mattock <justinmattock@gmail.com> > http://marc.info/?l=selinux&m=127845525722194&w=2 > > sepolgen kernel policy version check > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=128948444127169&w=2 > > Remove DEFAULTUSER handling from get_context_list > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129226509425687&w=2 > > sepolgen current patch from Fedora > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129226551726416&w=2 > > Improved error message for load_policy > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129226567426640&w=2 > > Semanage patch > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129233335310866&w=2 > > restorecond: Ignore IN_IGNORED inotify events > Martin Orr <martin@martinorr.name> > http://marc.info/?l=selinux&m=125380417916233&w=2 > > setfiles/restorecond patch > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129226589026919&w=2 > > policycoreutils: update audit2allow manpage > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129304945226866&w=2 > > libsemanage: include MCS/MLS level when generating > files_contexts.homedirs > Russell Coker <russell@coker.com.au> > http://marc.info/?l=selinux&m=129421658323663&w=2 > > setfiles: provide an option to avoid abortion on a missing > file > Guido Trentalancia <guido@trentalancia.com> > http://marc.info/?l=selinux&m=129819885027010&w=2 > > minor improvements and clean-ups for setfiles > Guido Trentalancia <guido@trentalancia.com> > http://marc.info/?l=selinux&m=129819262321520&w=2 > > policycoreutils scripts updates > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129226648427897&w=2 > > Fix options for policycoreutils binaries > Guido Trentalancia <guido@trentalancia.com> > http://marc.info/?l=selinux&m=125718355929168&w=2 > > -- > This message was distributed to subscribers of the selinux > mailing list. > If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov > with > the words "unsubscribe selinux" without quotes as the > message. > -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. ^ permalink raw reply related [flat|nested] 11+ messages in thread
* RE: Patch Review Process 2011-05-09 19:58 ` Steve Lawrence 2011-05-13 7:53 ` Patch Review Process - Missing patch for selinux_set_mapping Richard Haines @ 2011-05-13 9:28 ` Kohei Kaigai 2011-05-13 10:34 ` Guido Trentalancia 2011-05-16 14:30 ` Steve Lawrence 1 sibling, 2 replies; 11+ messages in thread From: Kohei Kaigai @ 2011-05-13 9:28 UTC (permalink / raw) To: Steve Lawrence; +Cc: SELinux As a proposal to improve our project, how about adopting patch management system on selinuxproject.org site? In PostgreSQL community, we use this simple system to manage patches submitted. https://commitfest.postgresql.org/action/commitfest_view?id=10 It enables to track the current status, activities and responsibility of patches. It seems to me 30 of patches are too large to manage without systematic helps. [snip] > Current Patch Queue: > > checkpolicy: fix filename identifier > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=130442985211760&w=2 > > selabel_open fix processing of substitution files (update) > Richard Haines <richard_c_haines@btinternet.com> > http://marc.info/?l=selinux&m=130314146920796&w=2 > > selinux_file_context_verify function returns wrong value > Richard Haines <richard_c_haines@btinternet.com> > http://marc.info/?l=selinux&m=129968866831934&w=2 > > Fix boolean handling in semanage > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=125433524126271&w=2 > > Add modules support to semanage > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=125433587727297&w=2 > > sandbox changes > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129226611027331&w=2 > > libselinux mountpoint changing > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=130444622801373&w=2 > > Add note to checkmodule man page about versions > Jason Axelson <jaxelson@referentia.com> > http://marc.info/?l=selinux&m=127913558418720&w=2 > > Bug in restorecond for the first user logged in > Chris Adams <cmadams@hiwaay.net> > http://marc.info/?t=128164314700001&r=1&w=2 > > transactions in semanage man page > Russell Coker <russell@coker.com.au> > http://marc.info/?l=selinux&m=127959379422398&w=2 > > libsemanage python3 support > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=128025784525867&w=2 > > libselinux python3 support > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129226509225674&w=2 > > SETools patch: adding exclude type feature in queries > Roberto Sassu <roberto.sassu@polito.it> > http://marc.info/?l=selinux&m=128448149528834&w=2 > > Move newrole to file caps/libcapng > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129226621227513&w=2 > > Improve semodule performance > Matthew Robertson <Matthew.L.Robertson@boeing.com> > http://marc.info/?l=selinux&m=128043503603540&w=2 > > Fix warning messages generated by GCC 4.6 > Justin P. Mattock <justinmattock@gmail.com> > http://marc.info/?l=selinux&m=127845525722194&w=2 > > sepolgen kernel policy version check > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=128948444127169&w=2 > > Remove DEFAULTUSER handling from get_context_list > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129226509425687&w=2 > > sepolgen current patch from Fedora > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129226551726416&w=2 > > Improved error message for load_policy > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129226567426640&w=2 > > Semanage patch > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129233335310866&w=2 > > restorecond: Ignore IN_IGNORED inotify events > Martin Orr <martin@martinorr.name> > http://marc.info/?l=selinux&m=125380417916233&w=2 > > setfiles/restorecond patch > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129226589026919&w=2 > > policycoreutils: update audit2allow manpage > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129304945226866&w=2 > > libsemanage: include MCS/MLS level when generating files_contexts.homedirs > Russell Coker <russell@coker.com.au> > http://marc.info/?l=selinux&m=129421658323663&w=2 > > setfiles: provide an option to avoid abortion on a missing file > Guido Trentalancia <guido@trentalancia.com> > http://marc.info/?l=selinux&m=129819885027010&w=2 > > minor improvements and clean-ups for setfiles > Guido Trentalancia <guido@trentalancia.com> > http://marc.info/?l=selinux&m=129819262321520&w=2 > > policycoreutils scripts updates > Daniel J Walsh <dwalsh@redhat.com> > http://marc.info/?l=selinux&m=129226648427897&w=2 > > Fix options for policycoreutils binaries > Guido Trentalancia <guido@trentalancia.com> > http://marc.info/?l=selinux&m=125718355929168&w=2 > -- NEC Europe Ltd, SAP Global Competence Center KaiGai Kohei <kohei.kaigai@emea.nec.com> -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. ^ permalink raw reply [flat|nested] 11+ messages in thread
* RE: Patch Review Process 2011-05-13 9:28 ` Patch Review Process Kohei Kaigai @ 2011-05-13 10:34 ` Guido Trentalancia 2011-05-16 14:30 ` Steve Lawrence 1 sibling, 0 replies; 11+ messages in thread From: Guido Trentalancia @ 2011-05-13 10:34 UTC (permalink / raw) To: Kohei Kaigai; +Cc: Steve Lawrence, SELinux On Fri, 2011-05-13 at 10:28 +0100, Kohei Kaigai wrote: > As a proposal to improve our project, how about adopting patch management system on > selinuxproject.org site? Perfectly agreed. And somehow already loosely hinted privately, Steve ? Regards, Guido -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: Patch Review Process 2011-05-13 9:28 ` Patch Review Process Kohei Kaigai 2011-05-13 10:34 ` Guido Trentalancia @ 2011-05-16 14:30 ` Steve Lawrence 2011-05-16 15:15 ` Kohei Kaigai 2011-05-16 16:04 ` Greg Smith 1 sibling, 2 replies; 11+ messages in thread From: Steve Lawrence @ 2011-05-16 14:30 UTC (permalink / raw) To: Kohei Kaigai; +Cc: SELinux I'm looking around for something that would work well. Is commitfest custom built by the postgresql community or is it some open source project? I can't seem to find any information on what the backend is. On 05/13/2011 05:28 AM, Kohei Kaigai wrote: > As a proposal to improve our project, how about adopting patch management system on > selinuxproject.org site? > > In PostgreSQL community, we use this simple system to manage patches submitted. > > https://commitfest.postgresql.org/action/commitfest_view?id=10 > > It enables to track the current status, activities and responsibility of patches. > > It seems to me 30 of patches are too large to manage without systematic helps. > > [snip] >> Current Patch Queue: >> >> checkpolicy: fix filename identifier >> Daniel J Walsh <dwalsh@redhat.com> >> http://marc.info/?l=selinux&m=130442985211760&w=2 >> >> selabel_open fix processing of substitution files (update) >> Richard Haines <richard_c_haines@btinternet.com> >> http://marc.info/?l=selinux&m=130314146920796&w=2 >> >> selinux_file_context_verify function returns wrong value >> Richard Haines <richard_c_haines@btinternet.com> >> http://marc.info/?l=selinux&m=129968866831934&w=2 >> >> Fix boolean handling in semanage >> Daniel J Walsh <dwalsh@redhat.com> >> http://marc.info/?l=selinux&m=125433524126271&w=2 >> >> Add modules support to semanage >> Daniel J Walsh <dwalsh@redhat.com> >> http://marc.info/?l=selinux&m=125433587727297&w=2 >> >> sandbox changes >> Daniel J Walsh <dwalsh@redhat.com> >> http://marc.info/?l=selinux&m=129226611027331&w=2 >> >> libselinux mountpoint changing >> Daniel J Walsh <dwalsh@redhat.com> >> http://marc.info/?l=selinux&m=130444622801373&w=2 >> >> Add note to checkmodule man page about versions >> Jason Axelson <jaxelson@referentia.com> >> http://marc.info/?l=selinux&m=127913558418720&w=2 >> >> Bug in restorecond for the first user logged in >> Chris Adams <cmadams@hiwaay.net> >> http://marc.info/?t=128164314700001&r=1&w=2 >> >> transactions in semanage man page >> Russell Coker <russell@coker.com.au> >> http://marc.info/?l=selinux&m=127959379422398&w=2 >> >> libsemanage python3 support >> Daniel J Walsh <dwalsh@redhat.com> >> http://marc.info/?l=selinux&m=128025784525867&w=2 >> >> libselinux python3 support >> Daniel J Walsh <dwalsh@redhat.com> >> http://marc.info/?l=selinux&m=129226509225674&w=2 >> >> SETools patch: adding exclude type feature in queries >> Roberto Sassu <roberto.sassu@polito.it> >> http://marc.info/?l=selinux&m=128448149528834&w=2 >> >> Move newrole to file caps/libcapng >> Daniel J Walsh <dwalsh@redhat.com> >> http://marc.info/?l=selinux&m=129226621227513&w=2 >> >> Improve semodule performance >> Matthew Robertson <Matthew.L.Robertson@boeing.com> >> http://marc.info/?l=selinux&m=128043503603540&w=2 >> >> Fix warning messages generated by GCC 4.6 >> Justin P. Mattock <justinmattock@gmail.com> >> http://marc.info/?l=selinux&m=127845525722194&w=2 >> >> sepolgen kernel policy version check >> Daniel J Walsh <dwalsh@redhat.com> >> http://marc.info/?l=selinux&m=128948444127169&w=2 >> >> Remove DEFAULTUSER handling from get_context_list >> Daniel J Walsh <dwalsh@redhat.com> >> http://marc.info/?l=selinux&m=129226509425687&w=2 >> >> sepolgen current patch from Fedora >> Daniel J Walsh <dwalsh@redhat.com> >> http://marc.info/?l=selinux&m=129226551726416&w=2 >> >> Improved error message for load_policy >> Daniel J Walsh <dwalsh@redhat.com> >> http://marc.info/?l=selinux&m=129226567426640&w=2 >> >> Semanage patch >> Daniel J Walsh <dwalsh@redhat.com> >> http://marc.info/?l=selinux&m=129233335310866&w=2 >> >> restorecond: Ignore IN_IGNORED inotify events >> Martin Orr <martin@martinorr.name> >> http://marc.info/?l=selinux&m=125380417916233&w=2 >> >> setfiles/restorecond patch >> Daniel J Walsh <dwalsh@redhat.com> >> http://marc.info/?l=selinux&m=129226589026919&w=2 >> >> policycoreutils: update audit2allow manpage >> Daniel J Walsh <dwalsh@redhat.com> >> http://marc.info/?l=selinux&m=129304945226866&w=2 >> >> libsemanage: include MCS/MLS level when generating files_contexts.homedirs >> Russell Coker <russell@coker.com.au> >> http://marc.info/?l=selinux&m=129421658323663&w=2 >> >> setfiles: provide an option to avoid abortion on a missing file >> Guido Trentalancia <guido@trentalancia.com> >> http://marc.info/?l=selinux&m=129819885027010&w=2 >> >> minor improvements and clean-ups for setfiles >> Guido Trentalancia <guido@trentalancia.com> >> http://marc.info/?l=selinux&m=129819262321520&w=2 >> >> policycoreutils scripts updates >> Daniel J Walsh <dwalsh@redhat.com> >> http://marc.info/?l=selinux&m=129226648427897&w=2 >> >> Fix options for policycoreutils binaries >> Guido Trentalancia <guido@trentalancia.com> >> http://marc.info/?l=selinux&m=125718355929168&w=2 >> > -- > NEC Europe Ltd, SAP Global Competence Center > KaiGai Kohei <kohei.kaigai@emea.nec.com> -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. ^ permalink raw reply [flat|nested] 11+ messages in thread
* RE: Patch Review Process 2011-05-16 14:30 ` Steve Lawrence @ 2011-05-16 15:15 ` Kohei Kaigai 2011-05-16 16:04 ` Greg Smith 1 sibling, 0 replies; 11+ messages in thread From: Kohei Kaigai @ 2011-05-16 15:15 UTC (permalink / raw) To: Steve Lawrence; +Cc: SELinux > I'm looking around for something that would work well. Is commitfest > custom built by the postgresql community or is it some open source > project? I can't seem to find any information on what the backend is. > It is custom build by the postgresql community. Because it is not a large application, I'm available to make similar one with arranges for our community, if we want. (Is PHP and PostgreSQL available on selinuxproject.org ?) Thanks, -- NEC Europe Ltd, SAP Global Competence Center KaiGai Kohei <kohei.kaigai@emea.nec.com> > -----Original Message----- > From: Steve Lawrence [mailto:slawrence@tresys.com] > Sent: 16. Mai 2011 15:30 > To: Kohei Kaigai > Cc: SELinux > Subject: Re: Patch Review Process > > I'm looking around for something that would work well. Is commitfest > custom built by the postgresql community or is it some open source > project? I can't seem to find any information on what the backend is. > > On 05/13/2011 05:28 AM, Kohei Kaigai wrote: > > As a proposal to improve our project, how about adopting patch management system on > > selinuxproject.org site? > > > > In PostgreSQL community, we use this simple system to manage patches submitted. > > > > https://commitfest.postgresql.org/action/commitfest_view?id=10 > > > > It enables to track the current status, activities and responsibility of patches. > > > > It seems to me 30 of patches are too large to manage without systematic helps. > > > > [snip] > >> Current Patch Queue: > >> > >> checkpolicy: fix filename identifier > >> Daniel J Walsh <dwalsh@redhat.com> > >> http://marc.info/?l=selinux&m=130442985211760&w=2 > >> > >> selabel_open fix processing of substitution files (update) > >> Richard Haines <richard_c_haines@btinternet.com> > >> http://marc.info/?l=selinux&m=130314146920796&w=2 > >> > >> selinux_file_context_verify function returns wrong value > >> Richard Haines <richard_c_haines@btinternet.com> > >> http://marc.info/?l=selinux&m=129968866831934&w=2 > >> > >> Fix boolean handling in semanage > >> Daniel J Walsh <dwalsh@redhat.com> > >> http://marc.info/?l=selinux&m=125433524126271&w=2 > >> > >> Add modules support to semanage > >> Daniel J Walsh <dwalsh@redhat.com> > >> http://marc.info/?l=selinux&m=125433587727297&w=2 > >> > >> sandbox changes > >> Daniel J Walsh <dwalsh@redhat.com> > >> http://marc.info/?l=selinux&m=129226611027331&w=2 > >> > >> libselinux mountpoint changing > >> Daniel J Walsh <dwalsh@redhat.com> > >> http://marc.info/?l=selinux&m=130444622801373&w=2 > >> > >> Add note to checkmodule man page about versions > >> Jason Axelson <jaxelson@referentia.com> > >> http://marc.info/?l=selinux&m=127913558418720&w=2 > >> > >> Bug in restorecond for the first user logged in > >> Chris Adams <cmadams@hiwaay.net> > >> http://marc.info/?t=128164314700001&r=1&w=2 > >> > >> transactions in semanage man page > >> Russell Coker <russell@coker.com.au> > >> http://marc.info/?l=selinux&m=127959379422398&w=2 > >> > >> libsemanage python3 support > >> Daniel J Walsh <dwalsh@redhat.com> > >> http://marc.info/?l=selinux&m=128025784525867&w=2 > >> > >> libselinux python3 support > >> Daniel J Walsh <dwalsh@redhat.com> > >> http://marc.info/?l=selinux&m=129226509225674&w=2 > >> > >> SETools patch: adding exclude type feature in queries > >> Roberto Sassu <roberto.sassu@polito.it> > >> http://marc.info/?l=selinux&m=128448149528834&w=2 > >> > >> Move newrole to file caps/libcapng > >> Daniel J Walsh <dwalsh@redhat.com> > >> http://marc.info/?l=selinux&m=129226621227513&w=2 > >> > >> Improve semodule performance > >> Matthew Robertson <Matthew.L.Robertson@boeing.com> > >> http://marc.info/?l=selinux&m=128043503603540&w=2 > >> > >> Fix warning messages generated by GCC 4.6 > >> Justin P. Mattock <justinmattock@gmail.com> > >> http://marc.info/?l=selinux&m=127845525722194&w=2 > >> > >> sepolgen kernel policy version check > >> Daniel J Walsh <dwalsh@redhat.com> > >> http://marc.info/?l=selinux&m=128948444127169&w=2 > >> > >> Remove DEFAULTUSER handling from get_context_list > >> Daniel J Walsh <dwalsh@redhat.com> > >> http://marc.info/?l=selinux&m=129226509425687&w=2 > >> > >> sepolgen current patch from Fedora > >> Daniel J Walsh <dwalsh@redhat.com> > >> http://marc.info/?l=selinux&m=129226551726416&w=2 > >> > >> Improved error message for load_policy > >> Daniel J Walsh <dwalsh@redhat.com> > >> http://marc.info/?l=selinux&m=129226567426640&w=2 > >> > >> Semanage patch > >> Daniel J Walsh <dwalsh@redhat.com> > >> http://marc.info/?l=selinux&m=129233335310866&w=2 > >> > >> restorecond: Ignore IN_IGNORED inotify events > >> Martin Orr <martin@martinorr.name> > >> http://marc.info/?l=selinux&m=125380417916233&w=2 > >> > >> setfiles/restorecond patch > >> Daniel J Walsh <dwalsh@redhat.com> > >> http://marc.info/?l=selinux&m=129226589026919&w=2 > >> > >> policycoreutils: update audit2allow manpage > >> Daniel J Walsh <dwalsh@redhat.com> > >> http://marc.info/?l=selinux&m=129304945226866&w=2 > >> > >> libsemanage: include MCS/MLS level when generating files_contexts.homedirs > >> Russell Coker <russell@coker.com.au> > >> http://marc.info/?l=selinux&m=129421658323663&w=2 > >> > >> setfiles: provide an option to avoid abortion on a missing file > >> Guido Trentalancia <guido@trentalancia.com> > >> http://marc.info/?l=selinux&m=129819885027010&w=2 > >> > >> minor improvements and clean-ups for setfiles > >> Guido Trentalancia <guido@trentalancia.com> > >> http://marc.info/?l=selinux&m=129819262321520&w=2 > >> > >> policycoreutils scripts updates > >> Daniel J Walsh <dwalsh@redhat.com> > >> http://marc.info/?l=selinux&m=129226648427897&w=2 > >> > >> Fix options for policycoreutils binaries > >> Guido Trentalancia <guido@trentalancia.com> > >> http://marc.info/?l=selinux&m=125718355929168&w=2 > >> > > -- > > NEC Europe Ltd, SAP Global Competence Center > > KaiGai Kohei <kohei.kaigai@emea.nec.com> > > > > Click > https://www.mailcontrol.com/sr/inBW9VIHWgDTndxI!oX7Ui!B!9hWdHWJGFxbtvmLXXIuo7oVvculFYwkjKcDqr6Q0+ > EvhqRAbnWOd!jBVaBGJg== to report this email as spam. -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: Patch Review Process 2011-05-16 14:30 ` Steve Lawrence 2011-05-16 15:15 ` Kohei Kaigai @ 2011-05-16 16:04 ` Greg Smith 2011-05-18 13:31 ` Steve Lawrence 1 sibling, 1 reply; 11+ messages in thread From: Greg Smith @ 2011-05-16 16:04 UTC (permalink / raw) To: Steve Lawrence; +Cc: Kohei Kaigai, SELinux Steve Lawrence wrote: > Is commitfest custom built by the postgresql community or is it some open source > project? I can't seem to find any information on what the backend is. > Yes to both, sort of. It was built for this purpose, but the result is an open-source project available for others. Source code is http://git.postgresql.org/gitweb?p=pgcommitfest.git ; it's a Perl application aimed to run inside Apache, with a PostgreSQL back-end as you might expect. The application was developed after really not finding the workflow of existing applications like Reviewboard to mesh well with the requirements for PostgrSQL's development process. The main thing that I think may not translate well into some other environments, but might actually work here, is its heavy reliance on mailing list integration. The main thing stored when you add a new entry to the CommitFest application is a pointer to a mailing list URL. For the PostgreSQL lists, that is driven by the message-id of the e-mail sent. The main data stored is essentially is a list of pointers into the mail archives, via message-id, with each tagged for what submission they all belong to. Comments and such actually stored in the web application is minimal; the idea is that you're using it to track e-mails sent to the mailing list, where the primary review information is sent to. Another caveat is that there was already a PostgreSQL single login service that this hooks into. There's no internal support in the CommitFest app for account creation/maintenance, it just calls the API available on postgresql.org for that. -- Greg Smith 2ndQuadrant US greg@2ndQuadrant.com Baltimore, MD PostgreSQL Training, Services, and 24x7 Support www.2ndQuadrant.us -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: Patch Review Process 2011-05-16 16:04 ` Greg Smith @ 2011-05-18 13:31 ` Steve Lawrence 0 siblings, 0 replies; 11+ messages in thread From: Steve Lawrence @ 2011-05-18 13:31 UTC (permalink / raw) To: Greg Smith; +Cc: Kohei Kaigai, SELinux On 05/16/2011 12:04 PM, Greg Smith wrote: > Steve Lawrence wrote: >> Is commitfest custom built by the postgresql community or is it some >> open source >> project? I can't seem to find any information on what the backend is. >> > > Yes to both, sort of. It was built for this purpose, but the result is > an open-source project available for others. Source code is > http://git.postgresql.org/gitweb?p=pgcommitfest.git ; it's a Perl > application aimed to run inside Apache, with a PostgreSQL back-end as > you might expect. > The application was developed after really not finding the workflow of > existing applications like Reviewboard to mesh well with the > requirements for PostgrSQL's development process. The main thing that I > think may not translate well into some other environments, but might > actually work here, is its heavy reliance on mailing list integration. > The main thing stored when you add a new entry to the CommitFest > application is a pointer to a mailing list URL. For the PostgreSQL > lists, that is driven by the message-id of the e-mail sent. The main > data stored is essentially is a list of pointers into the mail archives, > via message-id, with each tagged for what submission they all belong > to. Comments and such actually stored in the web application is > minimal; the idea is that you're using it to track e-mails sent to the > mailing list, where the primary review information is sent to. > > Another caveat is that there was already a PostgreSQL single login > service that this hooks into. There's no internal support in the > CommitFest app for account creation/maintenance, it just calls the API > available on postgresql.org for that. > That looks pretty nice and would probably work well for this community. I'll definitely take a look at it when I get a chance. Thanks. -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: Patch Review Process 2011-05-09 15:14 Patch Review Process Steve Lawrence 2011-05-09 19:21 ` Guido Trentalancia @ 2011-05-09 19:38 ` Guido Trentalancia 1 sibling, 0 replies; 11+ messages in thread From: Guido Trentalancia @ 2011-05-09 19:38 UTC (permalink / raw) To: Steve Lawrence; +Cc: SELinux Hello again Steve ! I did send a total of On Mon, 2011-05-09 at 11:14 -0400, Steve Lawrence wrote: > Recently, I've not been merging patches at the rate that I would like. > The delay is a problem itself, but it has also meant that people aren't > certain of the status of the patches that have been submitted. [cut] > Current Patch Queue: > [cut] > > setfiles: provide an option to avoid abortion on a missing file > http://marc.info/?l=selinux&m=129819885027010&w=2 > > minor improvements and clean-ups for setfiles > http://marc.info/?l=selinux&m=129819262321520&w=2 I have submitted the above two patches, but: - there are missing patches; - the patches that I have submitted apply with the wrong -p option (sorry about that). Therefore I am now going to re-submit everything. You have no patches from me on the queue now. Regards, Guido -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. ^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2011-05-18 13:30 UTC | newest] Thread overview: 11+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2011-05-09 15:14 Patch Review Process Steve Lawrence 2011-05-09 19:21 ` Guido Trentalancia 2011-05-09 19:58 ` Steve Lawrence 2011-05-13 7:53 ` Patch Review Process - Missing patch for selinux_set_mapping Richard Haines 2011-05-13 9:28 ` Patch Review Process Kohei Kaigai 2011-05-13 10:34 ` Guido Trentalancia 2011-05-16 14:30 ` Steve Lawrence 2011-05-16 15:15 ` Kohei Kaigai 2011-05-16 16:04 ` Greg Smith 2011-05-18 13:31 ` Steve Lawrence 2011-05-09 19:38 ` Guido Trentalancia
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.