[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Dazuko-devel] Linux Common Capabilities
From: |
Christoph Hanslik |
Subject: |
Re: [Dazuko-devel] Linux Common Capabilities |
Date: |
Thu, 23 Sep 2004 19:44:48 +0200 |
User-agent: |
KMail/1.6.2 |
Am Donnerstag, 23. September 2004 10:22 schrieb John Ogness:
...
>
> When booting, the following kernel modules should be loaded (in this
> order):
>
> commoncap
> dazuko
> capability
>
> This should work (it does for SuSE and for the for the "pure" Linux
> kernels).
>
> John Ogness
Dear listmembers, dear John,
yes, dazuko and avguard is running this way, but to run name server (bind
9.2.3) and time server (xntp 4.0.2a) lets me desperate.
That is a SuSE9.1 system running latest kernel 2.6.5-7.108-default.
The module commoncap.ko is not compiled regularly by SuSE edition, the
Makefile in /usr/src/linux-2.6.5-7.108-default/security/ does not include the
commoncap.c. So I used the Makefile of the source tree from kernel.org
2.6.8.1, which does its work properly in the SuSE source tree.
One pain is:
----
debby:~ # rcnamed start
Starting name server BIND 9 done
debby:~ # named: capset failed: Operation not permitted
debby:~ # rcnamed status
Checking for nameserver BIND 9 unused
debby:~ #
----
the other:
----
debby:~ # rcxntpd start
Starting network time protocol daemon (NTPD) done
debby:~ # rcxntpd status
Checking for network time protocol daemon (NTPD): dead
debby:~ #
----
else I read in some postings elsewhere that samba has the same problem to
share one machine with dazuko. This is the same with the 2.6.8.1 kernel from
kernel.org.
My personel lack is that I am not a kernel hacker and I don't know about these
capabilities, only heard that it is new in kernel 2.6.x.
Now lets have a look at the concerned /boot/grub/menu.lst entry:
----
###Don't change this comment - YaST2 identifier: Original name: linux###
title Linux
kernel (hd0,0)/boot/vmlinuz root=/dev/hda1 vga=0x317 splash=0 selinux=0 \
capability=0 desktop resume=/dev/hda2 showopts
initrd (hd0,0)/boot/initrd
----
the vmlinuz and initrd are linked to the current kernel version
2.6.5-7.108-default. selinux=0 and capability=0 I was recommended to set here
even the option
# CONFIG_SECURITY_SELINUX is not set
in kernel .config but it will not harm.
Hopefully waiting for some hints that let me run named and xntpd and later I
want to try samba on that server that shall sort out the virusses ...
yours
Christoph
--
>> -- address@hidden -- <<
>> -- http://www.hanslux.de -- <<