- **status**: accepted --> review
---
** [tickets:#1138] opensaf as non root cannot be started in a container**
**Status:** review
**Milestone:** 4.3.3
**Created:** Fri Sep 26, 2014 06:43 AM UTC by Hans Feldt
**Last Updated:** Fri Sep 26, 2014 06:48 AM UTC
**Owner:** Hans Feldt
OpenSAF (non root) fails to start in a linux container. Reason is that AMF
started components such as SMFD runs as opensaf/opensaf but get changed to
whatever the binaries was installed as. The start fails because the processes
cannot write their PID files into the directory /var/run/opensaf which is owned
by opensaf.
This was a not so well thought idea in ncs_os_process_execute_timed() that was
supposed to get more security.
Besides these are system calls executed in between fork() and exec() which we
have had lots of problems with before.
This "feature" should be removed.
---
Sent from sourceforge.net because [email protected] is
subscribed to https://sourceforge.net/p/opensaf/tickets/
To unsubscribe from further messages, a project admin can change settings at
https://sourceforge.net/p/opensaf/admin/tickets/options. Or, if this is a
mailing list, you can unsubscribe from the mailing list.
------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
Opensaf-tickets mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/opensaf-tickets
