[syslog-ng] [Bug 108] 2.6.38+ will require CAP_SYSLOG (CAP_SYS_ADMIN not enough)

bugzilla at bugzilla.balabit.com bugzilla at bugzilla.balabit.com
Sat Sep 10 19:43:32 CEST 2011


https://bugzilla.balabit.com/show_bug.cgi?id=108





--- Comment #31 from Arkadiusz Miśkiewicz <arekm at maven.pl>  2011-09-10 19:43:32 ---
One small note.

ret = prctl(PR_CAPBSET_READ, CAP_SYSLOG);

approach for detection will fail on vserver patched kernel. vserver patch (for 2.6.35 as example) used
the same capability number as CAP_SYSLOG uses now thus test above will think
CAP_SYSLOG is available while in reality some vserver CAP was tested.

PLD uses this additional patch as workaround:
http://cvs.pld-linux.org/cgi-bin/cvsweb/packages/syslog-ng/cap_syslog-vserver-workaround.patch?rev=1.1


-- 
Configure bugmail: https://bugzilla.balabit.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.


More information about the syslog-ng mailing list