Hi,
please check:
http://
bugs.gentoo.org/show_bug.cgi?id=150844
On 11/17/05, varagnat bertin.fr <varagnatbertin.fr> wrote:
>
> > I ran syslog-ng as a non-root user once before,
but now I run it as
> > root. From what I can remember, syslog-ng opened
/proc/kmsg before
> > dropping privileges, however when you sent the HUP
signal (i.e. after
> > running logrotate) it closed all the files and
reopened them again.
> > Because it no longer had root permissions, it
couldn't
> > reopen /proc/kmsg.
>
> This looks like a design problem.
>
>
> > If /proc/kmsg was group readable and the group was
set to a special
> > logger group, then I don't see why syslog-ng
couldn't be run as a
> > non-root user.
>
> Yes.
> Searching for more info I saw that syslog-ng is able to
chroot it self.
> But the problem is the same when you want him to
re-read its configuration file by sending the SIGHUP
signal...
>
>
>
>
> Les informations contenues dans ce message électronique
peuvent être de nature confidentielle et soumises à une
obligation de secret. Elles sont destinées à l'usage
exclusif du réel destinataire. Si vous n'êtes pas le réel
destinataire ou si vous recevez ce message par erreur, merci
de nous le notifier immédiatement en le retournant à
l'adresse de son émetteur.
>
> The information contained in this e-mail may be
privileged and confidential. It is intended for the
exclusive use of the designated recipients named above. If
you are not the intended recipient or if you receive this
e-mail in error, please notify us immediatly and return the
original message at the address of the sender.
>
>
> --
> gentoo-securitygentoo.org mailing list
>
>
--
Miguel Sousa Filipe
--
gentoo-securitygentoo.org mailing list
|