At Mon, 19 Sep 2011 19:54:26 +0200, Christian Boltz wrote:
Hello,
on Montag, 19. September 2011, Peter Czanik wrote:
On 09/15/2011 10:47 PM, Christian Boltz wrote:
I did not enable capabilities support in the syslog-ng package, as it was enforced by AppArmor anyway. But I have to reconsider it, if AppArmor is not installed by default...
Even with AppArmor installed, making your package more secure is always a good idea.
Or you just add a Requires: apparmor-profiles apparmor-utils ;-)
I tried it now and added --with-capabilities to configure, and BuildRequires: libcap-devel But starting syslog-ng now fails with:
linux-0a57:~ # syslog-ng -v syslog-ng: Error parsing capabilities: cap_net_bind_service,cap_net_broadcast,cap_net_raw,cap_dac_read_searc h,cap_dac_override,cap_chown,cap_fowner=p cap_syslog=ep
I was told, that this is a sign of too old capabilities package... cap_syslog was added around 2.6.38
Nice :-/ but not my area of responsibility ;-)
Please direct update requests for libcap to
# om libcap # [1] bugowner of Base:System/libcap : tiwai@suse.com
maintainer of Base:System/libcap : -
As kernel.org is down, I can't get the latest source for now. If anyone already updated it, feel free to submit. thanks, Takashi -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org