[syslog-ng] 2.6.38: CAP_SYSLOG
Sergey Senozhatsky
sergey.senozhatsky at gmail.com
Tue Feb 1 17:34:02 CET 2011
Hello,
During 2.6.38 development CAP_SYSLOG has been introduced to perform syslog
operations, older CAP_SYS_ADMIN is not sufficient anymore.
commit 38ef4c2e437d11b5922723504b62824e96761459
commit ce6ada35bdf710d16582cc4869c26722547e6f11
do_syslog now is as follows:
int do_syslog(int type, char __user *buf, int len, bool from_file)
{
[..]
if (type == SYSLOG_ACTION_OPEN || !from_file) {
if (dmesg_restrict && !capable(CAP_SYSLOG))
goto warn; /* switch to return -EPERM after 2.6.39 */
if ((type != SYSLOG_ACTION_READ_ALL &&
type != SYSLOG_ACTION_SIZE_BUFFER) &&
!capable(CAP_SYSLOG))
goto warn; /* switch to return -EPERM after 2.6.39 */
}
[..]
CAP_SYSLOG introduced to libcap in version 2.20.
#define CAP_SYSLOG 34
Sergey
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 316 bytes
Desc: not available
Url : http://lists.balabit.hu/pipermail/syslog-ng/attachments/20110201/2f71e0db/attachment.pgp
More information about the syslog-ng
mailing list