Bug#511298: marked as done (/usr/sbin/rsyslogd: rsyslog asking for CAP 21)

Mon, 12 Jan 2009 17:23:31 -0800 

Your message dated Tue, 13 Jan 2009 02:19:49 +0100
with message-id <[email protected]>
and subject line Re: Bug#511298: /usr/sbin/rsyslogd: rsyslog asking for CAP 21
has caused the Debian Bug report #511298,
regarding /usr/sbin/rsyslogd: rsyslog asking for CAP 21
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
511298: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511298
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: rsyslog
Version: 3.18.6-2
Severity: normal
File: /usr/sbin/rsyslogd


I was playing with capabilities and found the following messages by
rsyslog.

Jan  9 16:02:36 learner kernel: [11680.272502] cr_capable: asking for
capability 21 for rsyslogd

Looking at capability.h:

/* Allow configuration of the secure attention key */
/* Allow administration of the random device */
/* Allow examination and configuration of disk quotas */
/* Allow configuring the kernel's syslog (printk behaviour) */
/* Allow setting the domainname */
/* Allow setting the hostname */
/* Allow calling bdflush() */
/* Allow mount() and umount(), setting up new smb connection */
/* Allow some autofs root ioctls */
/* Allow nfsservctl */
/* Allow VM86_REQUEST_IRQ */
/* Allow to read/write pci config on alpha */
/* Allow irix_prctl on mips (setstacksize) */
/* Allow flushing all cache on m68k (sys_cacheflush) */
/* Allow removing semaphores */
/* Used instead of CAP_CHOWN to "chown" IPC message queues, semaphores
   and shared memory */
/* Allow locking/unlocking of shared memory segment */
/* Allow turning swap on/off */
/* Allow forged pids on socket credentials passing */
/* Allow setting readahead and flushing buffers on block devices */
/* Allow setting geometry in floppy driver */
/* Allow turning DMA on/off in xd driver */
/* Allow administration of md devices (mostly the above, but some
   extra ioctls) */
/* Allow tuning the ide driver */
/* Allow access to the nvram device */
/* Allow administration of apm_bios, serial and bttv (TV) device */
/* Allow manufacturer commands in isdn CAPI support driver */
/* Allow reading non-standardized portions of pci configuration space */
/* Allow DDI debug ioctl on sbpcd driver */
/* Allow setting up serial ports */
/* Allow sending raw qic-117 commands */
/* Allow enabling/disabling tagged queuing on SCSI controllers and
 * sending
   arbitrary SCSI commands */
/* Allow setting encryption key on loopback filesystem */

#define CAP_SYS_ADMIN        21


Does rsyslog need any of these capabilities ?
Why would a logging daemon want to fiddle with ide/scsi commands ?


Ritesh

-- System Information:
Debian Release: 5.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (101, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-custom (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages rsyslog depends on:
ii  libc6                  2.7-16            GNU C Library: Shared libraries
ii  lsb-base               3.2-20            Linux Standard Base 3.2 init scrip
ii  zlib1g                 1:1.2.3.3.dfsg-12 compression library - runtime

Versions of packages rsyslog recommends:
ii  logrotate                     3.7.7-2    Log rotation utility

Versions of packages rsyslog suggests:
pn  rsyslog-doc                   <none>     (no description available)
pn  rsyslog-mysql | rsyslog-pgsql <none>     (no description available)

-- no debconf information

--- End Message ---
--- Begin Message --- 
Ritesh Raj Sarraf wrote:
> Package: rsyslog
> Version: 3.18.6-2
> Severity: normal
> File: /usr/sbin/rsyslogd
> 
> 
> I was playing with capabilities and found the following messages by
> rsyslog.
> 
> Jan  9 16:02:36 learner kernel: [11680.272502] cr_capable: asking for
> capability 21 for rsyslogd
> 
> Looking at capability.h:
> 

...

> /* Allow configuring the kernel's syslog (printk behaviour) */

...

> #define CAP_SYS_ADMIN        21
> 
> 
> Does rsyslog need any of these capabilities ?

It is required for the imklog plugin which is used for receiving kernel log
messages.
See plugins/imklog/linux.c

> Why would a logging daemon want to fiddle with ide/scsi commands ?

It's got nothing to do with ide/scsi commands.


I can't see a bug here, so closing.

Michael


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?

Attachment: signature.asc
Description: OpenPGP digital signature


--- End Message ---

Reply via email to