From: ng0 <contact.ng0@cryptolab.net>
To: Leo Famulari <leo@famulari.name>
Cc: guix-devel@gnu.org
Subject: Re: Shadow -> 4.4
Date: Sat, 11 Feb 2017 19:48:07 +0000 [thread overview]
Message-ID: <20170211194807.wxxsq4z3jqyrsv5t@wasp> (raw)
In-Reply-To: <20170211184723.GA8411@jasmine>
On 17-02-11 13:47:23, Leo Famulari wrote:
> On Fri, Jan 20, 2017 at 11:02:05AM +0000, ng0 wrote:
> > Leo Famulari <leo@famulari.name> writes:
> >
> > > On Thu, Jan 19, 2017 at 08:06:34PM +0000, contact.ng0@cryptolab.net wrote:
> > >> Question: I don't prefer to crash and burn systems, which test is
> > >> enough to show that it works? Reconfiguring one of my own systems?
> > >
> > > Yes. If it breaks your system, you can always reboot into an earlier
> > > system generation. Another option is to use a VM. I tested both cases,
> > > and it works for me.
> > >
> > > Would anyone else like to test it?
> >
> > I have just reconfigured my system and I can login, and use
> > sudo. More testing wasn't done.
>
> I just pushed the patches, after adding a link to the source of the
> snprintf patch.
Thanks!
> > By the way, why don't we build 'shadow' with SELinux support?
Are there any reasons _against_ configuring 'shadow' with SELinux
support?
> > I know everyone is busy, but I think we really should get that
> > hardening plan going - or at least come up with a plan on what we
> > want now and who's interested/will be involved, etc.
>
> I agree that we should get moving on this. The project is waiting for
> some person or group to start working on it. I'm sure we'd all like to
> see progress but many of us are at the limit of how much work we can do.
I need to clean up a bit, but I have decided to dedicate some portion of
my time to connecting bits and pieces in this area. I made it to part of
my roadmap of the GuixSD blend I create, at least some parts of
hardening. One person is working on finishing SELinux afaik, I just
decided to stick to the libcs. But as you wrote, time is limited.
--
ng0 -- https://www.inventati.org/patternsinthechaos/
next prev parent reply other threads:[~2017-02-11 19:46 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-19 20:06 Shadow -> 4.4 contact.ng0
2017-01-19 20:06 ` [PATCH 1/2] gnu: shadow: Use 'modify-phases' contact.ng0
2017-01-20 5:19 ` Leo Famulari
2017-01-19 20:06 ` [PATCH 2/2] gnu: shadow: Update to 4.4 contact.ng0
2017-01-20 5:18 ` Leo Famulari
2017-01-19 20:15 ` Shadow -> 4.4 contact.ng0
2017-01-20 5:16 ` Leo Famulari
2017-01-20 11:02 ` ng0
2017-02-11 18:47 ` Leo Famulari
2017-02-11 19:48 ` ng0 [this message]
2017-02-11 20:28 ` Leo Famulari
2017-02-17 9:58 ` ng0
2017-01-20 21:07 ` Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170211194807.wxxsq4z3jqyrsv5t@wasp \
--to=contact.ng0@cryptolab.net \
--cc=guix-devel@gnu.org \
--cc=leo@famulari.name \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.