Lines Matching refs:and
21 (*) Security model and SELinux.
38 reaping stale nodes and culling. This is called cachefilesd and lives in
41 The filesystem and data integrity of the cache are only as good as those of the
48 and whilst it is open, a cache is at least partially in existence. The daemon
49 opens this and sends commands down it to control the cache.
56 placed on the same medium as a live set of data, and will expand to make use of
57 spare space and automatically contract when the set of data requires more
65 The use of CacheFiles and its daemon requires the following features to be
66 available in the system and in the cache filesystem:
72 - openat() and friends.
97 The defaults are 7% (run), 5% (cull) and 1% (stop) respectively.
131 configures the cache and tells it to begin caching. At that point the cache
132 binds to fscache and the cache becomes live.
142 Increase the debugging level. This can be specified multiple times and
151 Don't daemonise and go into background.
166 Do not create, rename or unlink files and directories in the cache whilst the
191 Cache culling is done on the basis of the percentage of blocks and the
198 If the amount of free space and the number of available files in the cache
220 Note that these are percentages of available space and available files, and do
244 The daemon uses dnotify to monitor the graveyard directory, and will delete
276 make a nest of directories, and the last one of which will be the objects
283 Note that keys are raw data, and not only may they exceed NAME_MAX in size,
284 they may also contain things like '/' and NUL characters, and so they may not
287 To handle this, CacheFiles will use a suitably printable filename directly and
301 type ID (required to distinguish special objects) and the auxiliary data from
302 the netfs. The latter is used to detect stale objects in the cache and update
315 the Linux kernel and the SELinux facility.
318 behalf of a process, and running in that process's context, and that includes a
325 fsgid and actor security label) that the process acts as - without changing the
327 some other process (so signalling and suchlike still work correctly).
332 (1) Finds the security label attached to the root cache directory and uses
343 and asks LSM to supply a security ID as which it should act given the
358 The module's security ID gives it permission to create, move and remove files
359 and directories in the cache, to find and access directories and files in the
360 cache, to set and access extended attributes on cache objects, and to read and
364 may scan directories, stat files and erase files and directories. It may
365 not read or write files in the cache, and so it is precluded from accessing the
373 and later versions. In that tarball, see the files:
379 They are built and installed directly by the RPM.
382 directory and run:
387 You will need checkpolicy and selinux-policy-devel installed prior to the
410 its own task_security structure, and redirects current->cred to point to it
413 The reason it does this is that it calls vfs_mkdir() and suchlike rather than
414 bypassing security and calling inode ops directly. Therefore the VFS and LSM
428 This means it may lose signals or ptrace events for example, and affects what
432 objective security (task->real_cred) and the subjective security (task->cred).
433 The objective security holds the intrinsic security properties of a process and
434 is never overridden. This is what appears in /proc, and is what is used when a
438 The subjective security holds the active security properties of a process, and
439 may be overridden. This is not seen externally, and is used whan a process
445 files and directories with another security label.
456 then it will gather certain statistics and display them through a proc file.
465 between 0 jiffies and HZ-1 jiffies a variety of tasks took to run. The
476 jiffy range covered, and the SECS field the equivalent number of seconds.
496 The appropriate set of values should be OR'd together and the result written to