19 Sep
2019
19 Sep
'19
1:55 p.m.
I found a way for 1/ which solves the problem. It is needed to have cap support in syslogng (--enable-caps), then --user tells syslogng to switch to this user and --caps cap_net_bind_service=ep allows syslogng to bind to priviledge ports despite being not root. LD_PRELOAD="/xxx/libjemalloc.so.2" works fine this way, as the binary is neither setuid nor has any capabilities set. -- Jean-Baptiste Fuzier