Brent Baude

[email protected]

Red Hat Harris, MN Senior Principle Software Engineer - Podman Architect RedHat

Results 191 comments of


                                            Brent Baude

Security of OpenSCAP daemon features

The CVE scan of a containers/images does require root privs because it has to mount a thinpool device. So while the scan itself does not need to be technically run...

Possible to get out of the box (rootful) host-to-container name resolution?

Interesting notion. Just some initial thoughts. With aardvark-dns, we were careful to enforce name lookups based on network connectivity and to not return an answer that the 'asker' about something...

build(deps): bump futures-util from 0.3.23 to 0.3.24

/approve

build(deps): bump futures-util from 0.3.23 to 0.3.24

/lgtm

Shall we lookup host's /etc/hosts before forwarding other request to host's /etc/resolv.conf?

I would tend to agree with you @mheon ... we have no way to programmatically determine intent.

coredns: response message always set recursion available (`RA`) when `RD` is set in request

/lgtm

coredns: do not combine results of `A` and `AAAA` records when query type only requests specific result.

/lgtm

build(deps): bump anyhow from 1.0.65 to 1.0.66

/approve /lgtm

build(deps): bump futures-util from 0.3.24 to 0.3.25

/approve /lgtm

netavark dns resolves container fqdn on only one network when multiple networks connected

should this be moved to nv?

‹
1
2
3
4
5
6
7
8
9
10
...
19
20
›