KaiGai Kohei wrote:
Hawk Xu wrote:
KaiGai Kohei wrote:
I would like to confirm your environment.
Q.1  Did you also update '/lib/libcap.so'?
getfcaps/setfcaps depends on libcap, so you have to update the library.

Yes, I deleted the libcap1 package of Ubuntu and installed libcap-1.10-25.kg.i386.rpm and libcap-devel-1.10-25.kg.i386.rpm.

Q.2  Does '/usr/sbin/getpcaps 1' work fine?
  getpcaps also depends on libcap. Does it work fine or not?

I got the "Floating point exception" error yesterday. Yesterday, after I installed libcap-1.10-25.kg.i386.rpm, my box could not boot successfully: the boot procedure just stopped, gdm could not start, and the login program could not run. I think maybe many programs just rely on the original libcap library, right? Later yesterday, I removed libcap-1.10-25.kg.i386.rpm and libcap-devel-1.10-25.kg.i386.rpm, and installed the original libcap package, and then my box booted OK.

Sorry, the modified libcap has not been tested yet on any distribution
except Fedora Core 6.
Can anyone tell me the exact reason why my Ubuntu 6.10 (without the file caps kernel patch) cannot boot with the modified libcap?

Can anyone boot FC6 with modified libcap and *without* Serge E. Hallyn's file caps kernel patch?

If Serge E. Hallyn's file caps kernel patch and the modified libcap are applied in my Ubuntu 6.10, and all related programs (e.g. login, mount, sshd) are set with proper capabilities, will my Ubuntu boot without any problems?


And, what if I have a capabilities.conf:

.....

/usr/sbin/useradd
{
      cap_dac_override,cap_fowner,cap_chown+ep
      cap_sec_admin+ei
}

/usr/sbin/userdel
{
      cap_dac_override,cap_fowner,cap_chown+ep
      cap_sec_admin+ei
}

/usr/sbin/groupmod
{
      cap_dac_override,cap_fowner,cap_chown+ep
      cap_sec_admin+ei
}

.....

and I want to use "setfcaps -f capabilities.conf" to set all the caps for all related programs...

Just a proposal.


Thanks!

Hawk
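
A parser for the block format proposed in the message above, as an added example that is not part of the original post and not code from libcap or setfcaps. The function name `parse_capabilities_conf` is hypothetical, and the clause check assumes libcap's textual form (comma-separated names followed by `+`, `-` or `=` and flags from `e`, `i`, `p`); it rejects relative paths, duplicate entries and unbalanced braces so that a malformed file never results in capabilities being applied to the wrong binary.

```python
import re

# One clause in libcap's textual form: comma-separated names, then operator/flag groups.
CLAUSE = re.compile(r"^[a-z0-9_]+(,[a-z0-9_]+)*([=+-][eip]*)+$")

def parse_capabilities_conf(text):
    """Return {absolute_path: "clause clause ..."} for the block format in the post."""
    result, path, clauses, in_block = {}, None, [], False
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        if line == "{":
            if path is None or in_block:
                raise ValueError(f"line {lineno}: unexpected '{{'")
            in_block = True
        elif line == "}":
            if not in_block or not clauses:
                raise ValueError(f"line {lineno}: '}}' closes nothing or an empty block")
            result[path] = " ".join(clauses)
            path, clauses, in_block = None, [], False
        elif in_block:
            if not CLAUSE.match(line):
                raise ValueError(f"line {lineno}: malformed clause {line!r}")
            clauses.append(line)
        elif path is not None:
            raise ValueError(f"line {lineno}: expected '{{' after {path}")
        elif not line.startswith("/") or line in result:
            raise ValueError(f"line {lineno}: relative or duplicate path {line!r}")
        else:
            path = line
    if path is not None:
        raise ValueError(f"unterminated entry for {path}")
    return result

# Constructed sample: the first entry from the post.
SAMPLE = """\
/usr/sbin/useradd
{
      cap_dac_override,cap_fowner,cap_chown+ep
      cap_sec_admin+ei
}
"""

if __name__ == "__main__":
    for target, caps in parse_capabilities_conf(SAMPLE).items():
        print(target, "->", caps)
```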
