On Tuesday May 22 2007 11:23:24 am Robert Connolly wrote:
> I ran 'strace -f' on klogd and found another problem, which is discussed
> here: http://www.redhat.com/archives/axp-list/1998-October/msg01043.html
>
> Notice the date on that link.. this was never fixed upstream.
>
> klogd tries to use an unimplemented syscall 1024 (resource-limit-max)
> times. Unimplemented syscalls don't return a newline character, and klogd
> doesn't expect that, and it keeps trying.

My mistake. When I saw 1021 failed attempts to close non-existent file descriptors, I thought it was a bug, but it's not. Klogd loops through every possible file descriptor, to close them, before forking. It's not very efficient, or necessary, but it certainly makes sure none remain open. There's probably a reason for it, so I'll leave it alone.

Klogd can't drop privileges with existing patches... when I try I see klogd opens /proc/kmsg as root, then chroots and drops to a regular user, but the kernel won't allow the regular user to read /proc/kmsg. This works on regular files, like when the syslog user opens /var/log/logfiles, but doesn't seem to work with /proc files. The same thing happens when trying to change priority with the kernel syslog call.

I'm hoping to find a way to use Linux POSIX capabilities so klogd can drop to a regular user but keep root privileges on /proc/kmsg and syslog(2). The permissions on /proc/kmsg are deeper than filesystem permissions. Making it group readable doesn't have any effect.

robert
--
http://linuxfromscratch.org/mailman/listinfo/hlfs-dev
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
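
One way to do what the message above hopes for, as an added example that is not part of the original post or of any klogd patch: keep a single capability across the switch to an unprivileged user. It assumes CAP_SYS_ADMIN is the capability the kernel checks for /proc/kmsg and syslog(2) (kernels from 2.6.37 on also accept CAP_SYSLOG); the function names and the uid/gid 65534 are hypothetical.

```c
#define _GNU_SOURCE
#include <grp.h>
#include <linux/capability.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

/* Read this process's capability sets (v3 layout: two 32-bit words per set). */
static int read_caps(struct __user_cap_data_struct d[2]) {
    struct __user_cap_header_struct h = { _LINUX_CAPABILITY_VERSION_3, 0 };
    return (int)syscall(SYS_capget, &h, d);
}

/* 1 if `cap` is in the effective set, 0 if not, -1 on error. */
int cap_is_effective(int cap) {
    struct __user_cap_data_struct d[2];
    if (read_caps(d) != 0) return -1;
    return (d[CAP_TO_INDEX(cap)].effective & CAP_TO_MASK(cap)) != 0;
}

/* Switch to uid/gid but keep exactly one capability. Returns 0 or -1. */
int drop_root_keep_cap(uid_t uid, gid_t gid, int cap) {
    struct __user_cap_header_struct h = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct d[2];
    if (read_caps(d) != 0) return -1;
    /* Refuse before touching any ids if we do not hold the capability. */
    if (!(d[CAP_TO_INDEX(cap)].permitted & CAP_TO_MASK(cap))) return -1;
    /* Without this, the uid change would clear the permitted set. */
    if (prctl(PR_SET_KEEPCAPS, 1L, 0L, 0L, 0L) != 0) return -1;
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    /* setuid() cleared the effective set; rebuild all sets with one bit. */
    d[0] = d[1] = (struct __user_cap_data_struct){ 0, 0, 0 };
    d[CAP_TO_INDEX(cap)].permitted = CAP_TO_MASK(cap);
    d[CAP_TO_INDEX(cap)].effective = CAP_TO_MASK(cap);
    if (syscall(SYS_capset, &h, d) != 0) return -1;
    return cap_is_effective(cap) == 1 ? 0 : -1;
}

int main(void) {
    /* Constructed ids: 65534 is "nobody" on many systems (assumption). */
    if (drop_root_keep_cap(65534, 65534, CAP_SYS_ADMIN) != 0) return 1;
    /* A klogd-like daemon would read /proc/kmsg from here on. */
    return 0;
}
```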
