> > So then why did vsftpd break if I didn't have the > capability module loaded? > > Hm, I left that out hoping you wouldn't ask :P Please note I'm not a > kernel guru. From what I understand vsftp is running as root > and forks a > process owned by nobody/ftp/<username> (depends on login way > anonymous/user/chrooted user etc. ) and these processes are forked as > root and reset per setuid() to the other user. This goes along with > limited capabilities (limited nice values etc.) Vsftp achives that by > the function prctl() function, which is part of the capabilities code. > > Maybe this > http://www.ussg.iu.edu/hypermail/linux/kernel/0406.3/0697.html > helps on understanding. Very geeky stuff though. > > -tobbi
Geeky stuff indeed. And gibberish to me, unfortunately. I think I'll just have to mark this in my brain as "this is just the way it is; don't bother trying to understand". :-) One last question: I thought I gathered from what you wrote in an earlier email that this capabilities kernel module will no longer need to be used now that the kernel has been patched in some other way to deal with real-time behavior. Have I got that correct? If so, when would that be expected to show up in an Arch kernel release?: In a 2.6.12.x version or a 2.6.13? Thanks, DR ============================================================================== Please access the attached hyperlink for an important electronic communications disclaimer: http://www.csfb.com/legal_terms/disclaimer_external_email.shtml ============================================================================== _______________________________________________ arch mailing list [email protected] http://www.archlinux.org/mailman/listinfo/arch
