Re: [Dazuko-devel] Linux Common Capabilities

dazuko-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Dazuko-devel] Linux Common Capabilities

From:	Christoph Hanslik
Subject:	Re: [Dazuko-devel] Linux Common Capabilities
Date:	Thu, 23 Sep 2004 19:44:48 +0200
User-agent:	KMail/1.6.2

Am Donnerstag, 23. September 2004 10:22 schrieb John Ogness:
...
>
> When booting, the following kernel modules should be loaded (in this
> order):
>
> commoncap
> dazuko
> capability
>
> This should work (it does for SuSE and for the for the "pure" Linux
> kernels).
>
> John Ogness

Dear listmembers, dear John,

yes, dazuko and avguard is running this way, but to run name server (bind 
9.2.3) and  time server (xntp 4.0.2a) lets me desperate.

That is a SuSE9.1 system running latest kernel 2.6.5-7.108-default.
The module commoncap.ko is not compiled regularly by SuSE edition, the 
Makefile in /usr/src/linux-2.6.5-7.108-default/security/ does not include the 
commoncap.c. So I used the Makefile of the source tree from kernel.org 
2.6.8.1, which does its work properly in the SuSE source tree.

One pain is:

----
debby:~ # rcnamed start
Starting name server BIND 9                                             done
debby:~ # named: capset failed: Operation not permitted

debby:~ # rcnamed status
Checking for nameserver BIND 9                                  unused
debby:~ # 
----

the other:

----
debby:~ # rcxntpd start
Starting network time protocol daemon (NTPD)                    done
debby:~ # rcxntpd status
Checking for network time protocol daemon (NTPD):               dead
debby:~ # 
----

else I read in some postings elsewhere that samba has the same problem to 
share one machine with dazuko. This is the same with the 2.6.8.1 kernel from 
kernel.org.

My personel lack is that I am not a kernel hacker and I don't know about these 
capabilities, only heard that it is new in kernel 2.6.x.

Now lets have a look at the concerned /boot/grub/menu.lst entry:

----
###Don't change this comment - YaST2 identifier: Original name: linux###
title Linux
    kernel (hd0,0)/boot/vmlinuz root=/dev/hda1 vga=0x317 splash=0 selinux=0 \ 
capability=0 desktop resume=/dev/hda2 showopts
    initrd (hd0,0)/boot/initrd
----

the vmlinuz and initrd are linked to the current kernel version 
2.6.5-7.108-default. selinux=0 and capability=0 I was recommended to set here 
even the option
# CONFIG_SECURITY_SELINUX is not set
in kernel .config but it will not harm.

Hopefully waiting for some hints that let me run named and xntpd and later I 
want to try samba on that server that shall sort out the virusses ...

yours
Christoph

-- 
>> -- address@hidden    -- <<
>> -- http://www.hanslux.de -- <<

[Prev in Thread]

Current Thread

[Next in Thread]

[Dazuko-devel] Linux Common Capabilities, Eli Wapniarski, 2004/09/19
- Re: [Dazuko-devel] Linux Common Capabilities, John Ogness, 2004/09/19
  - Message not available
    - Message not available
    - Message not available
    - Re: [Dazuko-devel] Linux Common Capabilities, John Ogness, 2004/09/23
    - Re: [Dazuko-devel] Linux Common Capabilities, Christoph Hanslik <=
    - Re: [Dazuko-devel] Linux Common Capabilities, John Ogness, 2004/09/23
    - Re: [Dazuko-devel] Linux Common Capabilities, Christoph Hanslik, 2004/09/24

Prev by Date: Re: [Dazuko-devel] Linux Common Capabilities
Next by Date: Re: [Dazuko-devel] Linux Common Capabilities
Previous by thread: Re: [Dazuko-devel] Linux Common Capabilities
Next by thread: Re: [Dazuko-devel] Linux Common Capabilities
Index(es):
- Date
- Thread