From: Greg KH <greg@kroah.com>
To: Steve Grubb <sgrubb@redhat.com>
Cc: "Timothy R. Chavez" <tinytim@us.ibm.com>,
Andrew Morton <akpm@osdl.org>,
linux-audit@redhat.com, linux-fsdevel@vger.kernel.org,
linux-kernel@vger.kernel.org,
David Woodhouse <dwmw2@infradead.org>,
Mounir Bsaibes <mbsaibes@us.ibm.com>,
Serge Hallyn <serue@us.ibm.com>,
Alexander Viro <viro@parcelfarce.linux.theplanet.co.uk>,
Klaus Weidner <klaus@atsec.com>, Chris Wright <chrisw@osdl.org>,
Stephen Smalley <sds@tycho.nsa.gov>, Robert Love <rml@novell.com>,
Christoph Hellwig <hch@infradead.org>,
Daniel H Jones <danjones@us.ibm.com>,
Amy Griffis <amy.griffis@hp.com>,
Maneesh Soni <maneesh@in.ibm.com>
Subject: Re: [PATCH] audit: file system auditing based on location and name
Date: Thu, 7 Jul 2005 12:04:55 -0700 [thread overview]
Message-ID: <20050707190455.GA19570@kroah.com> (raw)
In-Reply-To: <200507071449.10271.sgrubb@redhat.com>
On Thu, Jul 07, 2005 at 02:49:09PM -0400, Steve Grubb wrote:
> On Thursday 07 July 2005 14:15, Greg KH wrote:
> > I fail to see any refactoring here, why not make your patch rely on
> > theirs?
>
> At the time this code was developed, inotify was not in the kernel. We would
> be patching against another patch that's not in the kernel.
You all are asking for this patch to be added to -mm, which contains
inotify.
> > > The whole rest of it is different. I hope the inotify people comment
> > > on this to see if there is indeed something that should be refactored.
> >
> > I realize your userspace access is different, yet I do not believe yet
> > that it should be this way.
>
> The problems that we are faced with are dictated by CAPP and other security
> profiles. The audit user space access has been in the kernel for over a year,
> so that's not really a good thing to go changing.
You are adding auditfs, a new userspace access, right? That's what I am
referring to.
> > No documentation on the auditfs interface :(
>
> That's what Tim's email was providing. Its a new component.
His email provided no documentation that I could see. Am I just missing
something?
> > > The audit package is currently distributed in Fedora Core 4. The code to
> > > use Tim's fs audit code is in the user space app, but is waiting for the
> > > kernel pieces.
> >
> > So the userspace package in FC4 will not use auditfs?
>
> Right. You get a few warnings due to missing functionality. If the kernel were
> patched with Tim's code, it all works as expected. We have worked out the
> user space access and that shouldn't be changing.
Then what use is auditfs for if you don't need it?
Am I correct in thinking that you all need to split this patch into two
pieces, the new inode stuff, and auditfs, as neither one has anything to
do with the other?
Confused,
greg k-h
next prev parent reply other threads:[~2005-07-07 19:04 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-07-06 16:54 [PATCH] audit: file system auditing based on location and name Timothy R. Chavez
2005-07-06 17:17 ` Greg KH
2005-07-06 20:23 ` Timothy R. Chavez
2005-07-06 23:50 ` Greg KH
2005-07-07 1:33 ` Steve Grubb
2005-07-07 18:15 ` Greg KH
2005-07-07 18:49 ` Steve Grubb
2005-07-07 19:04 ` Greg KH [this message]
2005-07-07 19:48 ` Steve Grubb
2005-07-07 21:31 ` Arjan van de Ven
2005-07-07 22:08 ` Timothy R. Chavez
2005-07-07 22:51 ` serue
2005-07-08 5:33 ` Arjan van de Ven
2005-07-08 5:48 ` James Morris
2005-07-08 17:48 ` Greg KH
2005-07-07 16:26 ` Timothy R. Chavez
2005-07-07 18:10 ` Greg KH
2005-07-07 18:16 ` David Woodhouse
2005-07-07 18:18 ` Greg KH
2005-07-07 19:49 ` Timothy R. Chavez
2005-07-08 17:46 ` Greg KH
2005-07-08 19:48 ` Timothy R. Chavez
2005-07-10 18:59 ` Greg KH
[not found] ` <OF993CB74B.E135A576-ON8725703B.00568CD6-0525703B.005814C3@us.ibm.com>
2005-07-11 17:13 ` Greg KH
2005-07-09 1:10 ` Chris Wright
2005-07-09 2:10 ` Timothy R. Chavez
2005-07-07 6:40 ` Arjan van de Ven
2005-07-07 6:50 ` David Woodhouse
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050707190455.GA19570@kroah.com \
--to=greg@kroah.com \
--cc=akpm@osdl.org \
--cc=amy.griffis@hp.com \
--cc=chrisw@osdl.org \
--cc=danjones@us.ibm.com \
--cc=dwmw2@infradead.org \
--cc=hch@infradead.org \
--cc=klaus@atsec.com \
--cc=linux-audit@redhat.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=maneesh@in.ibm.com \
--cc=mbsaibes@us.ibm.com \
--cc=rml@novell.com \
--cc=sds@tycho.nsa.gov \
--cc=serue@us.ibm.com \
--cc=sgrubb@redhat.com \
--cc=tinytim@us.ibm.com \
--cc=viro@parcelfarce.linux.theplanet.co.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).