[OpenAFS] OpenAFS & Linux kernel 2.6: please have a trackable
bug report / task ?
Derek Atkins
warlord@MIT.EDU
Wed, 18 Feb 2004 14:35:17 -0500
While true in theory, the question is will Red Hat, Debian, SuSE,
Mandrake, Gentoo, et. al. ship 2.6 kernels pre-built with LSM enabled?
Does the Fedora-Core-2-beta 2.6 kernel have LSM enabled? (I have not
looked, don't have an FC-2-beta machine to play with, and don't intend
to build one at the moment).
If there is a very high probability that the major distros will enable
LSM by default, then it's probably worthwhile to go that route. OTOH
if they don't plan to enable LSM by default, we're still in the same
position of requiring users to rebuild their own kernel.
-derek
Lester Barrows <barrows@email.arc.nasa.gov> writes:
> On Wednesday 18 February 2004 08:47, Derrick J Brashear wrote:
>> If you promise me Linux Security Module will be on in every kernel I could
>> do it now, probably. And I can certainly imagine ways of doing it,
>> *right*, without touching groups.
>
> Not to interrupt or intrude, but all software has requirements of some sort.
> If you make the Linux Security Module an AFS requirement for those running
> the 2.6 kernel, then it seems that the problem is halfway solved. Some form
> of Kerberos client is already necessary in userspace, and enabling a kernel
> security module for AFS is IMO more comfortable (from a security standpoint)
> than enabling RPC to get NFS support...
>
> If it's possible to do it a different way then that's also good. If the Linux
> Security Module is the cleanest way to do it though, and it sounds like
> that's the case, then why worry too much about the requirement? All
> counter-arguments to the effect of "why don't you contribute the code" are
> 100% valid of course, but I haven't the understanding of AFS internals to do
> so. :-)
>
> Regards,
>
> Lester Barrows
> Asani Solutions, LLC
> Code IC Systems Group
> NASA Ames Research Center
>
> "Jura rapelcgvba vf bhgynjrq, bayl bhgynjf jvyy unir cevinpl."
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
>
>
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available