On Apr 11, 2013, at 1:59 AM, Matthieu Bienvenüe <[email protected]> wrote:
> How could I enable this tag ? In records.config: CONFIG proxy.config.diags.debug.tags STRING lm CONFIG proxy.config.diags.debug.enabled INT 1 > > Le 09/04/2013 20:20, Alan M. Carroll a écrit : >> Expected, using libcap is more secure but not more powerful. Essentially it >> enables the traffic_manager and traffic_server processes to completely drop >> root access and still work. Without it they retain the ability to restore >> super user status because otherwise they cannot perform restricted >> operations (such as bind to a reserved port). >> >> The only thing I can suggest at this point is to enable "lm" debug tags - >> those might provide some further insight. When a reserved port is bound >> without libcap (which is normally done in the traffic_manager process) it >> has to reset the euid to 0 and possibly that is failing because of VZ. >> > >
