[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#126750: klogd should optionally be started from init(8)

On Sun, Dec 30, 2001 at 08:13:36PM -0200, Henrique de Moraes Holschuh wrote:

Just to make that clear: I didn't want to imply that you were stupid. 

> I want the LOGGING daemons (i.e. only syslog and klogd), which ALREADY run
> as root, to be restarted should they die. Due to OOM killer, due to
> segfaults. Whatever.

It could be argued that those need not be run as root. All they need
are the necessary capabilities:

Open a low port for syslogd (only if you allow remote logging) and
read the kernel message buffer for klogd. That is not too difficult
to archieve. OTOH does a syslogd running as root offer the possibility
of a local or even remote root exploit. That is the reason Debian
ships with remote logging disabled by default. With a proper setup and
a little setuid root wrapper they can perfectly run as daemon. And with
fs-based POSIX capabilites you don't even need the wrapper.

BTW. I still don't see a need for a special treatment of the logging
daemons. If they fail, they fail. The system still works. But if they
are not killed by OOM because of an excemption the system might kill
the nfs daemon or the sendmail process.  So where do you draw the line?
Keep in mind that if the system is so resource starved that the OOM
mechanism kicks in, the failing processes might not be able to log
anything meaningful anyway.

Dominik Kubla
ScioByte GmbH    Zum Schiersteiner Grund 2     55127 Mainz (Germany)
Phone: +49 700 724 629 83                    Fax: +49 700 724 629 84
1024D/717F16BB    A384 F5F1 F566 5716 5485  27EF 3B00 C007 717F 16BB

Reply to: