In message <[EMAIL PROTECTED]> Tom Hughes <[EMAIL PROTECTED]> wrote:
> In message <[EMAIL PROTECTED]> > Axel Thimm <[EMAIL PROTECTED]> wrote: > > > On Thu, Dec 23, 2004 at 10:04:41PM +0000, Tom Hughes wrote: > > > In message <[EMAIL PROTECTED]> > > > Brad Templeton <[EMAIL PROTECTED]> wrote: > > > > > > > I have mythfrontend owned by root and set to run suid. However, > > > > when i run it it reports: > > > > > > > > pthread-setschedparam: Operation not permitted > > > > Running as SUID root would allow some threads to run with realtime... > > > > > > Same here. I have to actually run it as root to make that message > > > go away. I assume it must be giving up privileges too early. > > > > what about selinux? Did you try turning it off (selinux=0 in the > > kernel command line)? If that helps then having mythtv running suid > > will requires writing policies for it. :/ > > That does appear to fix it, yes. There were none of the usual selinux > warnings in the system log though or I would have tried that. I have no idea why I thought that - turning of selinux definitely doesn't fix this at all. The problem appears to be that the kernel now implements setuid properly so that it changes the UID of the process rather than just the current thread so it isn't possible to have a privileged thread anymore. Basically the whole scheme only worked because threads on linux are effectively processes at the kernel level and certain system calls didn't properly take account of that, including setuid. Tom -- Tom Hughes ([EMAIL PROTECTED]) http://www.compton.nu/
_______________________________________________ mythtv-users mailing list mythtv-users@mythtv.org http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users