[syslog-ng] [Bug 42] capabilities, chown, chmod
bugzilla at bugzilla.balabit.com
bugzilla at bugzilla.balabit.com
Tue May 5 15:10:04 CEST 2009
https://bugzilla.balabit.com/show_bug.cgi?id=42
--- Comment #3 from Zbigniew Krzystolik <zbyniu at pld-linux.org> 2009-05-05 15:10:04 ---
Created an attachment (id=14)
--> (https://bugzilla.balabit.com/attachment.cgi?id=14)
Better CAPs support
+ if (privileged)
+ g_process_cap_modify(CAP_SYS_ADMIN, TRUE);
+ saved_caps = g_process_cap_save();
Add CAP_SYS_ADMIN permanently on open /proc/kmsg but only if it is used. If you remove source /proc/kmsg and reload
cap will not be dropped.
+ g_process_cap_modify(CAP_DAC_OVERRIDE, TRUE);
CAP_DAC_OVERRIDE before create_containing_directory
- if (privileged)
- {
- g_process_cap_restore(saved_caps);
- }
+ g_process_cap_restore(saved_caps);
Restore caps always.
I've tested it all please review.
--
Configure bugmail: https://bugzilla.balabit.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the syslog-ng
mailing list