diff for duplicates of <87bmoo8bxb.fsf@xmission.com> diff --git a/a/1.txt b/N1/1.txt index 1b83886..3736756 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -1,7 +1,7 @@ -Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes: +Stefan Berger <stefanb@linux.vnet.ibm.com> writes: > On 07/13/2017 01:14 PM, Eric W. Biederman wrote: ->> Theodore Ts'o <tytso-3s7WtUTddSA@public.gmane.org> writes: +>> Theodore Ts'o <tytso@mit.edu> writes: >> >>> On Thu, Jul 13, 2017 at 07:11:36AM -0500, Eric W. Biederman wrote: >>>> The concise summary: @@ -16,12 +16,12 @@ Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes >>> So correct me if I am wrong; in general, there will only be one >>> variant of the form: >>> ->>> security.foo@uid=15000 +>>> security.foo at uid=15000 >>> >>> It's not like there will be: >>> ->>> security.foo@uid=1000 ->>> security.foo@uid=2000 +>>> security.foo at uid=1000 +>>> security.foo at uid=2000 >>> >>> Except.... if you have an Distribution root directory which is shared >>> by many containers, you would need to put the xattrs in the overlay @@ -35,7 +35,7 @@ Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes >>> capability with the global uid 0 should be used for the container >>> "root" uid, right? >>> ->>> So this hack of using security.foo@uid=1000 is *only* useful when the +>>> So this hack of using security.foo at uid=1000 is *only* useful when the >>> subcontainer root wants to create the privileged executable. You >>> still have to do things the other way. >>> @@ -45,7 +45,7 @@ Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes >>> >>> exists, *or* >>> ->>> security.foo@uid=BAR +>>> security.foo at uid=BAR >>> >>> exists, but never both? And there BAR is exclusive to only one >>> instances? 
@@ -80,7 +80,7 @@ Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes Reusable code has merit, as it reduces the maintenance burden. My big question right now is can you implement Ted's suggested -restriction. Only one security.foo or secuirty.foo@... attribute ? +restriction. Only one security.foo or secuirty.foo at ... attribute ? The maintenance gains are definitely worth taking if they do not penalize the common case. @@ -106,3 +106,7 @@ key) but that would not be something that would need to be changed between containers. Eric +-- +To unsubscribe from this list: send the line "unsubscribe linux-security-module" in +the body of a message to majordomo at vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N1/content_digest index 1e6de1f..c26dea3 100644 --- a/a/content_digest +++ b/N1/content_digest 
@@ -9,25 +9,16 @@ "ref\020170713164012.brj2flnkaaks2oci@thunk.org\0" "ref\087k23cb6os.fsf@xmission.com\0" "ref\0847ccb2a-30c0-a94c-df6f-091c8901eaa0@linux.vnet.ibm.com\0" - "ref\0847ccb2a-30c0-a94c-df6f-091c8901eaa0-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org\0" - "From\0ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org (Eric W. Biederman)\0" - "Subject\0Re: [PATCH v2] xattr: Enable security.capability in user namespaces\0" + "From\0ebiederm@xmission.com (Eric W. Biederman)\0" + "Subject\0[PATCH v2] xattr: Enable security.capability in user namespaces\0" "Date\0Thu, 13 Jul 2017 12:49:20 -0500\0" - "To\0Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>\0" - "Cc\0Theodore Ts'o <tytso-3s7WtUTddSA@public.gmane.org>" - zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org - containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org - linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org - James.Bottomley-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org - linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org - casey-iSGtlc1asvQWG2LlvL+J4A@public.gmane.org - " lkp-JC7UmRfGjtg@public.gmane.org\0" + "To\0linux-security-module@vger.kernel.org\0" "\00:1\0" "b\0" - "Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes:\n" + "Stefan Berger <stefanb@linux.vnet.ibm.com> writes:\n" "\n" "> On 07/13/2017 01:14 PM, Eric W. Biederman wrote:\n" - ">> Theodore Ts'o <tytso-3s7WtUTddSA@public.gmane.org> writes:\n" + ">> Theodore Ts'o <tytso@mit.edu> writes:\n" ">>\n" ">>> On Thu, Jul 13, 2017 at 07:11:36AM -0500, Eric W. Biederman wrote:\n" ">>>> The concise summary:\n" 
@@ -42,12 +33,12 @@ ">>> So correct me if I am wrong; in general, there will only be one\n" ">>> variant of the form:\n" ">>>\n" - ">>> security.foo@uid=15000\n" + ">>> security.foo at uid=15000\n" ">>>\n" ">>> It's not like there will be:\n" ">>>\n" - ">>> security.foo@uid=1000\n" - ">>> security.foo@uid=2000\n" + ">>> security.foo at uid=1000\n" + ">>> security.foo at uid=2000\n" ">>>\n" ">>> Except.... if you have an Distribution root directory which is shared\n" ">>> by many containers, you would need to put the xattrs in the overlay\n" @@ -61,7 +52,7 @@ ">>> capability with the global uid 0 should be used for the container\n" ">>> \"root\" uid, right?\n" ">>>\n" - ">>> So this hack of using security.foo@uid=1000 is *only* useful when the\n" + ">>> So this hack of using security.foo at uid=1000 is *only* useful when the\n" ">>> subcontainer root wants to create the privileged executable. You\n" ">>> still have to do things the other way.\n" ">>>\n" @@ -71,7 +62,7 @@ ">>>\n" ">>> exists, *or*\n" ">>>\n" - ">>> security.foo@uid=BAR\n" + ">>> security.foo at uid=BAR\n" ">>>\n" ">>> exists, but never both? And there BAR is exclusive to only one\n" ">>> instances?\n" @@ -106,7 +97,7 @@ "Reusable code has merit, as it reduces the maintenance burden.\n" "\n" "My big question right now is can you implement Ted's suggested\n" - "restriction. Only one security.foo or secuirty.foo@... attribute ?\n" + "restriction. Only one security.foo or secuirty.foo at ... attribute ?\n" "\n" "The maintenance gains are definitely worth taking if they do not\n" "penalize the common case.\n" 
@@ -131,6 +122,10 @@ "key) but that would not be something that would need to be changed\n" "between containers.\n" "\n" - Eric + "Eric\n" + "--\n" + "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" + "the body of a message to majordomo at vger.kernel.org\n" + More majordomo info at http://vger.kernel.org/majordomo-info.html -ace9167a75dde37fe974f2abd4a48588f2689e580383b355e303b9ef6cda2a9c +adb4a92afb7e927e54df6ffb2454b6e6b34cd91191e25730f95decdea5adc8ec
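Review bot: In the 1.txt hunks at -16, -35, -45 and -80, the N1 side rewrites the "@" inside the proposed xattr names (security.foo@uid=15000 becomes "security.foo at uid=15000"). That is address obfuscation applied to text that is not an address, and it changes the attribute naming the thread is discussing, so the names should be read from the "a" side. The content_digest hunk at -9 also drops "Re:" from the Subject and replaces the To and Cc headers with the single address linux-security-module@vger.kernel.org, and the hunk at -106 appends the list's unsubscribe footer, so this copy should not be used to reconstruct the original recipients.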
diff --git a/a/1.txt b/N2/1.txt index 1b83886..71dcd4b 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -1,7 +1,7 @@ -Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes: +Stefan Berger <stefanb@linux.vnet.ibm.com> writes: > On 07/13/2017 01:14 PM, Eric W. Biederman wrote: ->> Theodore Ts'o <tytso-3s7WtUTddSA@public.gmane.org> writes: +>> Theodore Ts'o <tytso@mit.edu> writes: >> >>> On Thu, Jul 13, 2017 at 07:11:36AM -0500, Eric W. Biederman wrote: >>>> The concise summary: @@ -16,12 +16,12 @@ Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes >>> So correct me if I am wrong; in general, there will only be one >>> variant of the form: >>> ->>> security.foo@uid=15000 +>>> security.foo(a)uid=15000 >>> >>> It's not like there will be: >>> ->>> security.foo@uid=1000 ->>> security.foo@uid=2000 +>>> security.foo(a)uid=1000 +>>> security.foo(a)uid=2000 >>> >>> Except.... if you have an Distribution root directory which is shared >>> by many containers, you would need to put the xattrs in the overlay @@ -35,7 +35,7 @@ Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes >>> capability with the global uid 0 should be used for the container >>> "root" uid, right? >>> ->>> So this hack of using security.foo@uid=1000 is *only* useful when the +>>> So this hack of using security.foo(a)uid=1000 is *only* useful when the >>> subcontainer root wants to create the privileged executable. You >>> still have to do things the other way. >>> @@ -45,7 +45,7 @@ Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes >>> >>> exists, *or* >>> ->>> security.foo@uid=BAR +>>> security.foo(a)uid=BAR >>> >>> exists, but never both? And there BAR is exclusive to only one >>> instances? 
@@ -80,7 +80,7 @@ Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes Reusable code has merit, as it reduces the maintenance burden. My big question right now is can you implement Ted's suggested -restriction. Only one security.foo or secuirty.foo@... attribute ? +restriction. Only one security.foo or secuirty.foo(a)... attribute ? The maintenance gains are definitely worth taking if they do not penalize the common case. diff --git a/a/content_digest b/N2/content_digest index 1e6de1f..a12a47d 100644 --- a/a/content_digest +++ b/N2/content_digest 
@@ -1,33 +1,14 @@ - "ref\01499785511-17192-1-git-send-email-stefanb@linux.vnet.ibm.com\0" - "ref\01499785511-17192-2-git-send-email-stefanb@linux.vnet.ibm.com\0" - "ref\087mv89iy7q.fsf@xmission.com\0" - "ref\020170712170346.GA17974@mail.hallyn.com\0" - "ref\0877ezdgsey.fsf@xmission.com\0" - "ref\074664cc8-bc3e-75d6-5892-f8934404349f@linux.vnet.ibm.com\0" - "ref\020170713011554.xwmrgkzfwnibvgcu@thunk.org\0" - "ref\087y3rscz9j.fsf@xmission.com\0" - "ref\020170713164012.brj2flnkaaks2oci@thunk.org\0" - "ref\087k23cb6os.fsf@xmission.com\0" "ref\0847ccb2a-30c0-a94c-df6f-091c8901eaa0@linux.vnet.ibm.com\0" - "ref\0847ccb2a-30c0-a94c-df6f-091c8901eaa0-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org\0" - "From\0ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org (Eric W. Biederman)\0" + "From\0Eric W. Biederman <ebiederm@xmission.com>\0" "Subject\0Re: [PATCH v2] xattr: Enable security.capability in user namespaces\0" "Date\0Thu, 13 Jul 2017 12:49:20 -0500\0" - "To\0Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>\0" - "Cc\0Theodore Ts'o <tytso-3s7WtUTddSA@public.gmane.org>" - zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org - containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org - linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org - James.Bottomley-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org - linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org - casey-iSGtlc1asvQWG2LlvL+J4A@public.gmane.org - " lkp-JC7UmRfGjtg@public.gmane.org\0" - "\00:1\0" + "To\0lkp@lists.01.org\0" + "\01:1\0" "b\0" - "Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes:\n" + "Stefan Berger <stefanb@linux.vnet.ibm.com> writes:\n" "\n" "> On 07/13/2017 01:14 PM, Eric W. Biederman wrote:\n" - ">> Theodore Ts'o <tytso-3s7WtUTddSA@public.gmane.org> writes:\n" + ">> Theodore Ts'o <tytso@mit.edu> writes:\n" ">>\n" ">>> On Thu, Jul 13, 2017 at 07:11:36AM -0500, Eric W. 
Biederman wrote:\n" ">>>> The concise summary:\n" @@ -42,12 +23,12 @@ ">>> So correct me if I am wrong; in general, there will only be one\n" ">>> variant of the form:\n" ">>>\n" - ">>> security.foo@uid=15000\n" + ">>> security.foo(a)uid=15000\n" ">>>\n" ">>> It's not like there will be:\n" ">>>\n" - ">>> security.foo@uid=1000\n" - ">>> security.foo@uid=2000\n" + ">>> security.foo(a)uid=1000\n" + ">>> security.foo(a)uid=2000\n" ">>>\n" ">>> Except.... if you have an Distribution root directory which is shared\n" ">>> by many containers, you would need to put the xattrs in the overlay\n" @@ -61,7 +42,7 @@ ">>> capability with the global uid 0 should be used for the container\n" ">>> \"root\" uid, right?\n" ">>>\n" - ">>> So this hack of using security.foo@uid=1000 is *only* useful when the\n" + ">>> So this hack of using security.foo(a)uid=1000 is *only* useful when the\n" ">>> subcontainer root wants to create the privileged executable. You\n" ">>> still have to do things the other way.\n" ">>>\n" @@ -71,7 +52,7 @@ ">>>\n" ">>> exists, *or*\n" ">>>\n" - ">>> security.foo@uid=BAR\n" + ">>> security.foo(a)uid=BAR\n" ">>>\n" ">>> exists, but never both? And there BAR is exclusive to only one\n" ">>> instances?\n" @@ -106,7 +87,7 @@ "Reusable code has merit, as it reduces the maintenance burden.\n" "\n" "My big question right now is can you implement Ted's suggested\n" - "restriction. Only one security.foo or secuirty.foo@... attribute ?\n" + "restriction. Only one security.foo or secuirty.foo(a)... attribute ?\n" "\n" "The maintenance gains are definitely worth taking if they do not\n" "penalize the common case.\n" @@ -133,4 +114,4 @@ "\n" Eric -ace9167a75dde37fe974f2abd4a48588f2689e580383b355e303b9ef6cda2a9c +c10cb2196a9e7767f0f5b9e1aa0c563f40886547d8d9e557b79a3ae1a3046a50
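Review bot: The content_digest hunk at -1,33 keeps only one "ref" entry (847ccb2a-30c0-a94c-df6f-091c8901eaa0@linux.vnet.ibm.com) and removes the rest along with the whole Cc list, so the N2 side cannot be used to rebuild the thread ancestry or the recipient set; take those from the "a" side. The 1.txt hunks at -16, -35, -45 and -80 also replace the "@" in the xattr names with "(a)" (security.foo@uid=1000 becomes "security.foo(a)uid=1000"), which alters the attribute naming under discussion rather than an e-mail address.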
diff --git a/a/1.txt b/N3/1.txt index 1b83886..2dd1fd0 100644 --- a/a/1.txt +++ b/N3/1.txt @@ -1,7 +1,7 @@ -Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes: +Stefan Berger <stefanb@linux.vnet.ibm.com> writes: > On 07/13/2017 01:14 PM, Eric W. Biederman wrote: ->> Theodore Ts'o <tytso-3s7WtUTddSA@public.gmane.org> writes: +>> Theodore Ts'o <tytso@mit.edu> writes: >> >>> On Thu, Jul 13, 2017 at 07:11:36AM -0500, Eric W. Biederman wrote: >>>> The concise summary: diff --git a/a/content_digest b/N3/content_digest index 1e6de1f..01ad66c 100644 --- a/a/content_digest +++ b/N3/content_digest 
@@ -9,25 +9,29 @@ "ref\020170713164012.brj2flnkaaks2oci@thunk.org\0" "ref\087k23cb6os.fsf@xmission.com\0" "ref\0847ccb2a-30c0-a94c-df6f-091c8901eaa0@linux.vnet.ibm.com\0" - "ref\0847ccb2a-30c0-a94c-df6f-091c8901eaa0-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org\0" - "From\0ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org (Eric W. Biederman)\0" + "From\0ebiederm@xmission.com (Eric W. Biederman)\0" "Subject\0Re: [PATCH v2] xattr: Enable security.capability in user namespaces\0" "Date\0Thu, 13 Jul 2017 12:49:20 -0500\0" - "To\0Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>\0" - "Cc\0Theodore Ts'o <tytso-3s7WtUTddSA@public.gmane.org>" - zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org - containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org - linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org - James.Bottomley-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org - linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org - casey-iSGtlc1asvQWG2LlvL+J4A@public.gmane.org - " lkp-JC7UmRfGjtg@public.gmane.org\0" + "To\0Stefan Berger <stefanb@linux.vnet.ibm.com>\0" + "Cc\0Theodore Ts'o <tytso@mit.edu>" + Serge E. Hallyn <serge@hallyn.com> + containers@lists.linux-foundation.org + lkp@01.org + linux-kernel@vger.kernel.org + zohar@linux.vnet.ibm.com + tycho@docker.com + James.Bottomley@hansenpartnership.com + vgoyal@redhat.com + christian.brauner@mailbox.org + amir73il@gmail.com + linux-security-module@vger.kernel.org + " casey@schaufler-ca.com\0" "\00:1\0" "b\0" - "Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes:\n" + "Stefan Berger <stefanb@linux.vnet.ibm.com> writes:\n" "\n" "> On 07/13/2017 01:14 PM, Eric W. Biederman wrote:\n" - ">> Theodore Ts'o <tytso-3s7WtUTddSA@public.gmane.org> writes:\n" + ">> Theodore Ts'o <tytso@mit.edu> writes:\n" ">>\n" ">>> On Thu, Jul 13, 2017 at 07:11:36AM -0500, Eric W. Biederman wrote:\n" ">>>> The concise summary:\n" 
@@ -133,4 +137,4 @@ "\n" Eric -ace9167a75dde37fe974f2abd4a48588f2689e580383b355e303b9ef6cda2a9c +c79d7d23b440a635f63cb1eadff0b0ff01978e74aceedabe39158a0f2571b87d
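Review bot: The Cc change in the content_digest hunk at -9,25 is more than de-obfuscation of the gmane addresses: the N3 side lists five recipients with no counterpart on the "a" side (serge@hallyn.com, tycho@docker.com, vgoyal@redhat.com, christian.brauner@mailbox.org, amir73il@gmail.com), so the two sides disagree on who received the message and that difference should be accounted for before treating them as the same mail. The 1.txt hunk at -1 touches only the two attribution lines, so this copy, like the "a" side, keeps the security.foo@uid=... names intact.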