I have pushed a patch for changing the configuration. It is independent
of being able to still support some form of dropping capabilities via
zprivs. I will follow up when that one once I get it working/tested.
Regards,
Jafar
On 7/27/2016 9:45 AM, Paul Jakma wrote:
On Wed, 27 Jul 2016, Jafar Al-Gharaibeh wrote:
Configuration-wise, if you don't configure user/group (via,
--enable-user and --enable-group) you get user=group=quagga by
default. If you do configure them then you get what you configure. I
have tried --disable-user and --disable-group and it was equivalent
to setting the user/group to root. Would it make sense to make
--disable-user and --disable-group unset QUAGGA_USER and QUAGGA_GROUP
in the configuration to trigger the new behavior (one of what you
described below)?
That'd make sense to me.
As it stands this is the only change needed to make things work,
although I like your third suggestion so I will try and get that to
work as well.
That'd be the ideal, if you can make that work. Should just need
tweaks to the zprivs_init path I think. As long as you end up with it
not having tried to change UID, and having set zprivs->change =
zprivs_change_caps, then should hopefully work I think.
regards,
_______________________________________________
Quagga-dev mailing list
[email protected]
https://lists.quagga.net/mailman/listinfo/quagga-dev
