[syslog-ng] [Bug 52] CAP_DAC_OVERRIDE is missing when capabilities are enabled, unable to write to files created with the owner() option.
bugzilla at bugzilla.balabit.com
bugzilla at bugzilla.balabit.com
Mon Oct 11 15:03:30 CEST 2010
https://bugzilla.balabit.com/show_bug.cgi?id=52
Zbigniew Krzystolik <zbyniu at pld-linux.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |zbyniu at pld-linux.org
--- Comment #2 from Zbigniew Krzystolik <zbyniu at pld-linux.org> 2010-10-11 15:03:30 ---
> CAP_DAC_OVERRIDE is missing and necessary to open files not owned by root.
Yes, to open for writing/appending. I created patch fixing such problems.
- missing CAP_DAC_OVERRIDE, now owner(), group(), perms() works even if no DAC access is granted
- create_dirs works also for dirs with none permissions
- dir_owner(), dir_group(), dir_perms() are set as expected (added CAP_CHOWN, CAP_FOWNER)
All changes tested, also reloads with -HUP.
Now you can run syslog-ng as common user not root and all should work properly! :-)
--
Configure bugmail: https://bugzilla.balabit.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the syslog-ng
mailing list