[Devel] [PATCH] SUNRPC: connect to UNIX sockets synchronously
Stanislav Kinsbursky
skinsbursky at parallels.com
Tue Dec 4 23:48:34 PST 2012
04.12.2012 18:20, Eric Paris пишет:
> On Tue, Dec 4, 2012 at 6:10 AM, Stanislav Kinsbursky
> <skinsbursky at parallels.com> wrote:
>
>> But there should be noted, that such implementation introduces limitation
>> (Trond's quote):
>> "That approach can fall afoul of the selinux restrictions on the process
>> context. Processes that are allowed to write data, may not be allowed to
>> create sockets or call connect(). That is the main reason for doing it
>> in the rpciod context, which is a clean kernel process context."
>
> So you tested this and Trond was wrong? This work just fine even on
> an SELinux box? Or it does break tons and tons of people's computers?
>
> -Eric
>
You can read discussion here:
https://patchwork.kernel.org/patch/1565111/
We use AF_LOCAL transports only for portmapper calls.
So, we decided (or at least I understood that so) to make such connections
from process context - i.e. synchronously.
--
Best regards,
Stanislav Kinsbursky
More information about the Devel
mailing list