[PATCH] Apply ACLs even if acl list reading failed
Danny Kukawka
danny.kukawka at web.de
Thu Mar 6 11:56:48 PST 2008
On Donnerstag, 6. März 2008, Lubomir Kundrak wrote:
> On Thu, 2008-03-06 at 19:50 +0100, Danny Kukawka wrote:
> > On Mittwoch, 5. März 2008, Lubomir Kundrak wrote:
> > > List of applied ACLs can get corrupted, and that prevents hal-acl-tool
> > > from ever touching it again and fixing. Trivial fix attached.
> > >
> > > If that was due to a crash, etc, it is not valid any longer anyways. In
> > > that case probably it would make sense to relocate
> > > /var/lib/hal/acl-list into /var/run/hal, and let it be removed by
> > > operating system startup scripts.
> >
> > If you say the change is okay from the security POV, I commited it.
>
> That had nothing to do with security. Problem was that I have seen a
> report, that user's acl list got somehow corrupted (probably due to a
> system crash or power outage or whatever). The run-specific data should
> really not survive reboots -- in this case it prevented from hal ever
> being able to parse the acl list again, though its contents were not
> pertinent to current run.
Sorry, wasn't clear enough. I fully understand why you moved it
to /var/run/hal, but I wasn't totally sure about the first small patch.
Danny
More information about the hal
mailing list