Lennart Poettering
Lennart Poettering
So, from my PoV I think the way is pretty clear: 1. Go by sd_device_get_usec_initialized(), not by event timestamp 2. Oldest device wins With these two rules we have best...
> Sure, and we did that already, and the feedback was that it broke existing rules for a bunch of stuff from cryptsetup onwards, so it had to be reverted....
what's the usecase for this?
> We had a use case where a service needs to be activated or deactivated depending on the existence of a file. When the file disappears, the service should be...
(I am not concerned about resource usage on this. inotify is really cheap. I am mostly concerned that I am not aware of any pattern where this could be used...
i still don't get the usecase. Can you elaborate on what kind of service you want to stop with this, and how that is not racy?
i did a superficial code review, but as mentioned, the usecase is not clear to me, i don#t really grok how this is supposed to be used in any scenario...
I a not sure I follow? are you suggesting to run the whole user session inside a userns? and how shall it talk to the network then? And what does...
note that ebpf provides everything to allow restricting which ports/ip addresses code can bind to. We expose that in IPAddressAllow=/IPAddressDeny= and SocketBindAllow=/SocketBindDeny=. But that has nothing to do with netns,...
i still don't grok what you really want to do here.