On 3 December 2014 at 21:19, Martin Read <zen75...@zen.co.uk> wrote: > On 03/12/14 21:52, Martinx - ジェームズ wrote: >> >> I'm using `GRSecurity` with Debian in prod and it doesn't work with >> `systemd`. >> >> I NEED `sysvinit-core` (or upstart) and there is no plans to deploy >> `systemd` at my company's public data center. Since it [systemd] >> doesn't work here. >> >> If `systemd` gets fixed (to work with `GRSecurity`), then, I'll give >> it a second try. Otherwise, I'll need to move to Devuan... >> >> Lennart do not care about that: >> https://bugs.freedesktop.org/show_bug.cgi?id=65575 - How bad is that? > > > A cursory search using duckduckgo with the search terms: > > +grsecurity +systemd > > leads me, directly and indirectly, to information on various web sites > associated with Arch Linux, Gentoo, and grsecurity which lead me to believe > that it is possible to work around the problem described in that bug report > without completely disabling CONFIG_GRKERNSEC_PROC. (Of course, I recognize > that in any given situation, it may not be acceptable to make the necessary > configuration changes.) > > That said, I don't see a problem with Lennart's position in that bug report > anyway. "Well, this sounds useful, but I don't see how we can support this, > we need access to the PID directory of the sender of messages, to collect > metadata, there's really no way around it." seems like a perfectly > reasonable explanation for things not working-as-intended on systems where > that access is not available.
Thanks for this feedback!! I tried it but, then, I wasn't with enough time to debug it... Since it was working before, I just replaced systemd by sysvinit and forgot about it... Best! -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/CAJSM8J2dXE=S9+qjPrG=u67dnath+0+tovod3de5srppg3b...@mail.gmail.com
