https://bugzilla.balabit.com/show_bug.cgi?id=31 Balazs Scheidler <bazsi@balabit.hu> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID --- Comment #1 from Balazs Scheidler <bazsi@balabit.hu> 2009-02-03 15:41:40 --- (In reply to comment #0)
mkdir /test/ mkfifo /test/fifo chmod 0 /test
and use pipe('/test/fifo') as source. syslog-ng 3.0.1 will fail with permission denied because it can't access /test/fifo due to dropped capabilities.
This is real example from Linux Vserver based system where /vservers has always 0 permission.
The solution would be probably to not drop some caps until sources are opened.
but then the same thing would happen once syslog-ng gets SIGHUP-ed. you can granularly control which capabilities are dropped, and also you can also disable capability dropping altogether: syslog-ng --help-all ... -C, --caps=<capspec> Set default capability set -N, --no-caps Disable managing Linux capabilities ... -- Configure bugmail: https://bugzilla.balabit.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.