| === matsubara-afk is now known as matsubara | ||
| === matsubara is now known as matsubara-afk | ||
| roaksoax | Daviey: howdy! So I was wondering if something about the backporting/SRU'ing of MAAS has been discussed yet? | 13:51 |
|---|---|---|
| Daviey | roaksoax: no, still a little early | 14:42 |
| roaksoax | Daviey: right, but my point being is that we are introducing dependencies that are not even in precise's archive | 15:09 |
| roaksoax | Daviey: so was just wondering if a plan was drafted to deal with that | 15:09 |
| roaksoax | we can't simply be shipping more stuff with MAAS source | 15:09 |
| roaksoax | IMHO | 15:10 |
| allenap | Daviey: In the fullness of time, is the plan to do ephemeral (via iSCSI) boot, and allow ubiquity to install from that? | 15:55 |
| rvba | Daviey: looks like the default apparmor profile will prevent named to read the files in /var/cache/maas/bind don't you think? I was trying to run a stupid (read with minimal configuration) dns server on a non standard port as a non-privileged | 15:59 |
| rvba | user and then I realized apparmor won't allow that. | 15:59 |
| rvba | Daviey: do you have any idea how to circumvent that problem? | 16:00 |
| Daviey | allenap: we won't be using ubiquity this cycle | 16:00 |
| allenap | Daviey: For 13.04 perhaps? | 16:01 |
| Daviey | rvba: just use the bind location for now.. | 16:01 |
| Daviey | allenap: right | 16:01 |
| allenap | Ta. | 16:01 |
| rvba | Daviey: that means we can't run a stupid bind instance as part of the dev environment, or even in a fixture :(. | 16:02 |
| Daviey | arse | 16:02 |
| Daviey | rvba: join #ubuntu-hardened | 16:03 |
| rvba | We can live with it, but it reduce our ability to test things. | 16:03 |
| rvba | reduces* | 16:03 |
| allenap | Daviey, rvba: Does the apparmor profile apply if running bind as a different user? (/me has never used apparmor). | 16:07 |
| rvba | allenap: definitely does. | 16:08 |
| rvba | allenap: the profile is linked to the executable. | 16:08 |
| allenap | Grumble. | 16:08 |
| allenap | rvba: It'll allow any file under /etc/bind and /var/cache/bind, so perhaps use /var/cache/bind/maas instead of /var/cache/maas/bind? | 16:22 |
| rvba | allenap: Daviey says maybe we can have a named.d directory. But in the mean time, you're right, we will use /var/cache/bind/maas I think. | 16:31 |
| === matsubara-afk is now known as matsubara | ||
| === matsubara is now known as matsubara-afk | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!