Re: POSIX capabilities patch

To: debian-devel@lists.debian.org
Subject: Re: POSIX capabilities patch
From: "Miquel van Smoorenburg" <miquels@cistron.nl>
Date: Sat, 15 Nov 2003 17:50:37 +0000 (UTC)
Message-id: <[🔎] bp5p1d$gfm$1@news.cistron.nl>
References: <[🔎] 20031112021147.GZ1459@falcon.fugal.net> <[🔎] 20031113095145.GA1803@wonderland.linux.it> <[🔎] 87fzgqkmse.wl@netfort.gr.jp> <[🔎] 20031115163401.GA2483@wonderland.linux.it>

In article <[🔎] 20031115163401.GA2483@wonderland.linux.it>,
Marco d'Itri  <md@Linux.IT> wrote:
>On Nov 15, Junichi Uekawa <dancer@netfort.gr.jp> wrote:
>
> >>  >And if i enable SETPCAP for init, will init drop that capability? Will it
> >>  >pass it to all started programs?
> >> See http://www.linux.it/~md/ssd.tgz .
> >> No kernel hacks needed.
> >I see a 404. 
>Sorry: http://www.linux.it/~md/software/ssd.tgz .

Should that go into /sbin/init itself, so that you can boot with
initcaps=eip,cap_setpcap+eip on the command line ? Or is it still
too early to put that into init upstream ?

I assume init then has to link against libcap or something.
Would it add a lot of size to the binary ?

Mike.

Reply to:

Follow-Ups:
- Re: POSIX capabilities patch
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: POSIX capabilities patch
  - From: Marco d'Itri <md@Linux.IT>

References:
- POSIX capabilities patch
  - From: Hans Fugal <hans@fugal.net>
- Re: POSIX capabilities patch
  - From: Marco d'Itri <md@Linux.IT>
- Re: POSIX capabilities patch
  - From: Junichi Uekawa <dancer@netfort.gr.jp>
- Re: POSIX capabilities patch
  - From: Marco d'Itri <md@Linux.IT>

Prev by Date: Re: Some observations regardig the progress towards Debian 3.1
Next by Date: Re: Some observations regardig the progress towards Debian 3.1
Previous by thread: Re: POSIX capabilities patch
Next by thread: Re: POSIX capabilities patch
Index(es):
- Date
- Thread