From mboxrd@z Thu Jan 1 00:00:00 1970 From: Richard Guy Briggs Subject: Re: [userspace PATCH v2 0/2] Add support for loginuid_set Date: Tue, 18 Oct 2016 06:48:41 -0400 Message-ID: <20161018104841.GI23701@madcap2.tricolour.ca> References: <1471544337-3108-1-git-send-email-rgb@redhat.com> <20161017154017.GF23701@madcap2.tricolour.ca> <1594202.aPB8anKs2i@x2> <20161018043526.GH32641@madcap2.tricolour.ca> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: Content-Disposition: inline In-Reply-To: <20161018043526.GH32641@madcap2.tricolour.ca> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: linux-audit-bounces@redhat.com Errors-To: linux-audit-bounces@redhat.com To: Steve Grubb Cc: linux-audit@redhat.com List-Id: linux-audit@redhat.com On 2016-10-18 00:35, Richard Guy Briggs wrote: > On 2016-10-17 18:21, Steve Grubb wrote: > > On Monday, October 17, 2016 5:19:59 PM EDT Paul Moore wrote: > > > We haven't merged any of the session ID code into the kernel so > > > changes are still possible. The logic for supporting loginuid_set > > > (UID namespace issues) don't really apply to session IDs so I think we > > > can drop the sessionid_set part of the API and just use the -1 > > > sentinel. > > > > OK, that's good to hear. I'll fix up and merge the sessionid patch - no need to > > re-send the user space piece. > > userspace patch 2 gets dropped, paches 1 and 3 need rework to not block > -1 and to remove sessionid_set respectively. kernel patch 2 gets > dropped and patch 1 I think needs rework to allow -1. Kernel patch 1 does not need rework because I properly put the positive integer check for sessionID in the sessionID_set patch that adds that. > The test patches also need rework as does the RFE page. > > > -Steve > > - RGB - RGB -- Richard Guy Briggs Kernel Security Engineering, Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635