[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PATCH&RFC: "persistent state" directory default/config/API

1.These are bim programming practices right? 
2.SafeAge Areas
3.GeoCachings have have been done correctly.
4.also working on incubus,cartographic health care but must remain natural away from intrusive and less invasive practice. 
5. If cartography, transmits an impurity, googliniar scale maintenance's, purified origs.so if persistent then mailer sends specified no judgemental, excellence post provision Orig relevant healthcare repair but not because of good kinda sorta BIM even thoe bims aesthetic program has to do with organamics.
6. Enlightened Filters are required but most of all must remain with 

Thank you for your efforts I also would like a good recognition prog of safety initiatives for this DDscale monitial.

On Tue, Oct 2, 2018, 1:36 AM Joe Orton <jorton@xxxxxxxxxx> wrote:
On Fri, Sep 28, 2018 at 11:22:22AM +0100, Joe Orton wrote:
> Example users are the mod_dav_fs lock database, mod_md's MD data store.
> With an API & default, these can have hard-coded default paths so the
> modules work without needing configuration.  The proxy cache root could
> count here too.

FWIW, part of the motivation here is being able to have a common
security policy for this kind of data, e.g. for SELinux.  When modules
like mod_md/mod_dav want to drop data at $Root/$Random_Name it is
hard/impossible to have SELinux policy which allows modules to work by
default.  If we have three categories of data separated into three

- run-time data: root-writable, temporary, readable by unprivileged children
- log data: root-writable, *append-only* data (open fails w/o O_APPEND)
- state data: unprivileged children have random access read/write

we can have SELinux policy which "just works", without needing custom
policy rules for mod_dav, and for mod_md, etc etc.

Two patches attached:

a) PoC implementation of StateDir/ap_state_dir_relative()

b) patches showing how this can be used in modules/.  Note this does
move the hard-coded default MdStoreDir for 2.5.x

I'll commit later in the week if there is no feedback.

Regards, Joe

Attachment: ClearMineral.png
Description: PNG image

Attachment: BolontiKoos.png
Description: PNG image

Attachment: REST LOGO.png
Description: PNG image

Attachment: image.jpg
Description: JPEG image