Re: Debian fork: 'Devuan', Debian without Systemd
On 3 December 2014 at 21:19, Martin Read <zen75502@zen.co.uk> wrote:
> On 03/12/14 21:52, Martinx - ジェームズ wrote:
>>
>> I'm using `GRSecurity` with Debian in prod and it doesn't work with
>> `systemd`.
>>
>> I NEED `sysvinit-core` (or upstart) and there is no plans to deploy
>> `systemd` at my company's public data center. Since it [systemd]
>> doesn't work here.
>>
>> If `systemd` gets fixed (to work with `GRSecurity`), then, I'll give
>> it a second try. Otherwise, I'll need to move to Devuan...
>>
>> Lennart do not care about that:
>> https://bugs.freedesktop.org/show_bug.cgi?id=65575 - How bad is that?
>
>
> A cursory search using duckduckgo with the search terms:
>
> +grsecurity +systemd
>
> leads me, directly and indirectly, to information on various web sites
> associated with Arch Linux, Gentoo, and grsecurity which lead me to believe
> that it is possible to work around the problem described in that bug report
> without completely disabling CONFIG_GRKERNSEC_PROC. (Of course, I recognize
> that in any given situation, it may not be acceptable to make the necessary
> configuration changes.)
>
> That said, I don't see a problem with Lennart's position in that bug report
> anyway. "Well, this sounds useful, but I don't see how we can support this,
> we need access to the PID directory of the sender of messages, to collect
> metadata, there's really no way around it." seems like a perfectly
> reasonable explanation for things not working-as-intended on systems where
> that access is not available.
Thanks for this feedback!! I tried it but, then, I wasn't with enough
time to debug it... Since it was working before, I just replaced
systemd by sysvinit and forgot about it...
Best!
Reply to: