Hi,
I am trying to run syslog-ng v1.6.8 without root privileges, under
dedicated account. All goes fine, except messages from kernel buffer
/proc/kmsg. I'm not surprised, because /proc/kmsg have permission bits
set to 0400 and owner:group to root:root. As I know in good old
app-admin/sysklogd same goal accomplished by actually running two
processes: one which reads from /proc/kmsg under root privileges &
another one which reads from /dev/log and does everything else under
dedicated non-root account. May be we need to ask syslog-ng authors to
implement the same scheme as in sysklogd?
Thanks in advance.
--
gentoo-security@gentoo.org mailing list
I am trying to run syslog-ng v1.6.8 without root privileges, under
dedicated account. All goes fine, except messages from kernel buffer
/proc/kmsg. I'm not surprised, because /proc/kmsg have permission bits
set to 0400 and owner:group to root:root. As I know in good old
app-admin/sysklogd same goal accomplished by actually running two
processes: one which reads from /proc/kmsg under root privileges &
another one which reads from /dev/log and does everything else under
dedicated non-root account. May be we need to ask syslog-ng authors to
implement the same scheme as in sysklogd?
Thanks in advance.
--
gentoo-security@gentoo.org mailing list