On Tuesday, September 20, 2011 09:06:22 Takashi Iwai wrote:
At Mon, 19 Sep 2011 19:54:26 +0200,
Christian Boltz wrote:
Hello,
on Montag, 19. September 2011, Peter Czanik wrote:
On 09/15/2011 10:47 PM, Christian Boltz wrote:
I did not enable capabilities support in the syslog-ng package, as it was enforced by AppArmor anyway. But I have to reconsider it, if AppArmor is not installed by default...
Even with AppArmor installed, making your package more secure is always a good idea.
Or you just add a Requires: apparmor-profiles apparmor-utils ;-)
I tried it now and added --with-capabilities to configure, and BuildRequires: libcap-devel But starting syslog-ng now fails with:
linux-0a57:~ # syslog-ng -v syslog-ng: Error parsing capabilities: cap_net_bind_service,cap_net_broadcast,cap_net_raw,cap_dac_read_searc h,cap_dac_override,cap_chown,cap_fowner=p cap_syslog=ep
I was told, that this is a sign of too old capabilities package... cap_syslog was added around 2.6.38
Nice :-/ but not my area of responsibility ;-)
Please direct update requests for libcap to
# om libcap # [1] bugowner of Base:System/libcap : tiwai@suse.com
maintainer of Base:System/libcap : -
As kernel.org is down, I can't get the latest source for now. If anyone already updated it, feel free to submit.
I found 2.22 - will update and do a submitrequest, Andreas -- Andreas Jaeger aj@{suse.com,opensuse.org} Twitter/Identica: jaegerandi SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org