[syslog-ng] [Bug 108] 2.6.38+ will require CAP_SYSLOG (CAP_SYS_ADMIN not enough)
bugzilla at bugzilla.balabit.com
bugzilla at bugzilla.balabit.com
Thu Jan 20 18:16:16 CET 2011
https://bugzilla.balabit.com/show_bug.cgi?id=108
Gergely Nagy <algernon at balabit.hu> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #34 is|0 |1
obsolete| |
--- Comment #7 from Gergely Nagy <algernon at balabit.hu> 2011-01-20 18:16:16 ---
(From update of attachment 34)
Did some more research, and this is looking to be harder and harder without some kind of version sniffing.
Using a libcap that doesn't know a thing about CAP_SYSLOG, syslog-ng will abort on 'cap_syslog=ep' on startup, regardless of what kernel is running under it
(tested with stock Debian Squeeze kernel, 2.6.32+patches, no CAP_SYSLOG; and with 2.6.38-rc1 with CAP_SYSLOG).
Using a patched libcap that does know about CAP_SYSLOG will succeed, on both kernels, and even if I try to verify that the process has the flag I just set, it
still returns true for both kernels, regardless whether they do support CAP_SYSLOG or not.
This looks rather hopeless to me, unfortunately.
--
Configure bugmail: https://bugzilla.balabit.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the syslog-ng
mailing list