On Wed, 2010-03-17 at 11:40 +0000, Alan Jenkins wrote: > Jon Masters wrote: > > Hi Alan, > > > > Thanks for your patches. As I mentioned below, I'm pulling everything > > but the rename removal (for reasons explained). There is a pre2 version > > of 3.12 in git and I made tarballs last week, but I am waiting until > > pre3 this week before I make an announcement. Then the final 3.12 should > > just be exactly the same if nothing horrible comes up in testing. > Great. It is rather, nice day here too. Spring is in the air! > > On Wed, 2010-03-17 at 10:27 +0000, Alan Jenkins wrote: > > > > > >> Alan Jenkins (8): > >> (fixes) > >> doc: fix typo > >> doc: fix sgml errors > >> modprobe: fix dump_config > >> modprobe: fix softdep flags > >> > > > > Thanks, these are great. I guess a markup validator would be handy. Are > > you building the SGML with different flags, tools, or did I miss it? > I've been using the debian package "docbook-to-man" (via the Makefile, > no custom flags). It's always been a bit noisy, and the errors didn't > stop it from generating the manpages. Ah cool. I'm not really happy with the Fedora SGML tools anyway. Maybe I'll do a run later now I have a handy Debian unstable VM again (I recently installed all of the distros contributing to m-i-t, and set them up to do nightly updates to their unstable/factory/devel distros, with the exception of Slackware, which has slapt-get and is manual). > > On the softdep front, I think it's also worth fixing the ignore flags to > > actually offer a choice of ignoring install *or* remove but not both. > > The current implementation doesn't do what might be apparent. > Not sure what you have in mind here. Oh only that the way ignore install/remove commands work (both mean exactly the same thing) is fine because you call modprobe in one mode or another (unless of course an install command recurses and calls in the other mode for some reason - but those commands are due to die anyway), but with softdep you possibly want to be able to specify more closely what is being ignored. I was vague, unclear, and pre-coffee before. btw, I'm working on pushing some of those whitelist patches for review. These are something that a RH person sent me and wants to get into F13. The idea is that you basically list explicitly every module that can be loaded (inverse of blacklisting) and can avoid e.g. the kernel calling modprobe on something you didn't expect. That's fine for e.g. loading a net protocol because some user code tried to use it, but it's "not cool" to use this as a replacement for decent system policy in things like policykit and elsewhere (e.g. preventing a flash drive from mounting is something you *do not* solve by preventing usb-storage/vfat loading). I am holding a little on the patches while I make sure the right people are talking to each other to ensure whitelisting is only used when some seucrity paranoia justifies it, and not in place of doing policy right. Jon. -- To unsubscribe from this list: send the line "unsubscribe linux-modules" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
