[PATCH] resteasy drm client patches
by Ade Lee
These patches provide the DRM test client that is currently being used
to test DRM functionality. The patches need to be updated sequentially.
The future plan (next week) is to convert these to junit format. For
now, though, my focus is on the Python client code.
jmagne is already working with these tests, but he will submit his
corrections in separate patches.
Please review,
Ade
12 years, 7 months
git push
by Christina
forgive me as this is my first checkin using git. Something unexpected
happened.
I was on the master branch and when ready I did "git push" and it
unexpectedly told me the following:
Counting objects: 50, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (23/23), done.
Writing objects: 100% (28/28), 2.89 KiB, done.
Total 28 (delta 19), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/pki.git
5bf257b..5314d04 DOGTAG_9_BRANCH -> DOGTAG_9_BRANCH
I did happen to have worked on DOGTAG_9_BRANCH as well but I did not
expect it to be pushed as I was on the master at the time, although I
was getting it ready as well. I just did not expect it to be pushed.
So does git push push everything even though you are not on that branch
at the moment?
Now I see something called Merge branch 'DOGTAG_9_BRANCH' of
ssh://git.fedorahoste..
<http://git.fedorahosted.org/git?p=pki.git;a=commit;h=5314d049fadd54666dbd...>
being pushed onto DOGTAG_9_BRANCH. Is it supposed to be?
thanks,
Christina
12 years, 8 months
Some recent systemd security features ( tunable in unit-files)
by Kashyap Chamarthy
Hi,
Just came across this blog post from Lennart Poettering on security features in systemd,
which seem to be relatively easy to use by configuring a directive in systemd unit files.
Wondering, if we can use any of these for dogtag systemd unit files.
http://0pointer.de/blog/projects/security.html
Quick notes from the above long post:
- Isolating services from the network
+ A service and all its processes can be disconnected via n/w (I guess this won't be much
helpful in our case as dogtag operates mostly over network)
- Service-private /tmp
+ An isolated private /tmp from host system's /tmp
- Making directories appear read-only or inaccessible to services
- Taking away capabilities from services
+ Ability to limit kernel capabilities to services
- Disallowing forking, limiting file creation for services
- Controlling device node access of services
+ Ex: Like allowing access to a specific device (like/dev/null, and only to this device)
--
/kashyap
12 years, 8 months
[PATCH] Fix of broken build of pki-tps in git repo
by Matthew Harmsen
CMakeLists.txt file was changed to account for the removal of
empty directories from the source code.
Bugzilla Bug #782953
---
pki/base/tps/CMakeLists.txt | 91 +++++++++++++++++++++++++++++++------------
1 files changed, 66 insertions(+), 25 deletions(-)
diff --git a/pki/base/tps/CMakeLists.txt b/pki/base/tps/CMakeLists.txt
index cefe11c..96d23fe 100644
--- a/pki/base/tps/CMakeLists.txt
+++ b/pki/base/tps/CMakeLists.txt
@@ -98,31 +98,6 @@ install(
install(
DIRECTORY
- forms/esc/demo
- forms/esc/home
- forms/esc/so
- forms/esc/sow
- forms/tps
- DESTINATION
- ${SHARE_INSTALL_PREFIX}/${APPLICATION_NAME}/${PROJECT_NAME}/docroot
- PATTERN
- "forms/esc/sow/css" EXCLUDE
- PATTERN
- "forms/esc/sow/images"EXCLUDE
- PATTERN
- "forms/esc/sow/js"EXCLUDE
- PATTERN
- "forms/tps/admin/console/css"EXCLUDE
-)
-
-install(
- DIRECTORY
- DESTINATION
- ${SHARE_INSTALL_PREFIX}/${APPLICATION_NAME}/${PROJECT_NAME}/docroot/tokendb
-)
-
-install(
- DIRECTORY
lib
DESTINATION
${SHARE_INSTALL_PREFIX}/${APPLICATION_NAME}/${PROJECT_NAME}
@@ -165,3 +140,69 @@ install(
${VAR_INSTALL_DIR}/run/pki/tps
)
+install(
+ DIRECTORY
+ DESTINATION
+ ${SHARE_INSTALL_PREFIX}/${APPLICATION_NAME}/${PROJECT_NAME}/docroot/demo
+)
+
+install(
+ DIRECTORY
+ DESTINATION
+ ${SHARE_INSTALL_PREFIX}/${APPLICATION_NAME}/${PROJECT_NAME}/docroot/home
+)
+
+install(
+ DIRECTORY
+ DESTINATION
+ ${SHARE_INSTALL_PREFIX}/${APPLICATION_NAME}/${PROJECT_NAME}/docroot/so
+)
+
+install(
+ DIRECTORY
+ DESTINATION
+ ${SHARE_INSTALL_PREFIX}/${APPLICATION_NAME}/${PROJECT_NAME}/docroot/sow
+)
+
+install(
+ DIRECTORY
+ DESTINATION
+ ${SHARE_INSTALL_PREFIX}/${APPLICATION_NAME}/${PROJECT_NAME}/docroot/tokendb
+)
+
+install(
+ DIRECTORY
+ DESTINATION
+ ${SHARE_INSTALL_PREFIX}/${APPLICATION_NAME}/${PROJECT_NAME}/docroot/tps
+)
+
+install(
+ DIRECTORY
+ DESTINATION
+ ${SHARE_INSTALL_PREFIX}/${APPLICATION_NAME}/${PROJECT_NAME}/docroot/tps/admin
+)
+
+install(
+ DIRECTORY
+ DESTINATION
+ ${SHARE_INSTALL_PREFIX}/${APPLICATION_NAME}/${PROJECT_NAME}/docroot/tps/admin/console
+)
+
+install(
+ DIRECTORY
+ DESTINATION
+ ${SHARE_INSTALL_PREFIX}/${APPLICATION_NAME}/${PROJECT_NAME}/docroot/tps/admin/console/config
+)
+
+install(
+ DIRECTORY
+ DESTINATION
+ ${SHARE_INSTALL_PREFIX}/${APPLICATION_NAME}/${PROJECT_NAME}/docroot/tps/admin/console/img
+)
+
+install(
+ DIRECTORY
+ DESTINATION
+ ${SHARE_INSTALL_PREFIX}/${APPLICATION_NAME}/${PROJECT_NAME}/docroot/tps/admin/console/js
+)
+
--
1.7.7.1
12 years, 8 months
osutil: some issues regarding copyright, code
by Timo Aaltonen
Hi!
I'm currently packaging Dogtag et al for Debian and Ubuntu, so I filed
an intend-to-package bugreport on the Debian bugtracker about osutil. It
got reviewed, and here's a summary of the issues that were found:
- src/com/netscape/osutil/unixdefs.h has a Netscape copyright, that
forbids distribution and copying. Is it merely a mistake?
- "Signal.java has one architecture's signal numbers hardcoded in". Is
it still portable to more obscure architectures?
- the java files have hardcoded library paths, which will break with
multiarch (http://wiki.debian.org/Multiarch)
- "full of error messages printed to stdout / stderr"
- some of the functionality is apparently duplicated from (current)
standard java? (string to byte conversion was mentioned)
so it would be great to see at least the copyright issue sorted out,
soon, since it prevents inclusion.
link to the original bugreport:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654689
(you can reply there by sending email to 654689(a)bugs.debian.org)
--
t
12 years, 8 months