About this list Date view Thread view Subject view Author view Attachment view

From: edward_at_DigitalAngel.com.au
Date: Sat 07 Dec 2002 - 00:55:21 GMT


Hi Brian,

Kernel logger (klogd) requires access to the kernel messages buffer
which could allow klogd running inside vserver to "steal"
messages intended for the root server.

This capability inside vserver is controlled by CAP_SYS_ADMIN
so if you have a special purpose vserver for monitoring etc..
then simply add CAP_SYS_ADMIN in the appropriate vserver conf file
(beware of the security consequences) and your klogd should run ok

However, if it's a generic vserver ( looks like this is the case here ) then
it shouldn't be running klogd.

hth
Ed

On Saturday, 7 December 2002 at 0:08, Brian Ipsen wrote:

> One more newbiw question: How come that the shutdown for a virtual host
> gives me an error on the kernel logger ? Should the kernel logger be
> disabled on each vserver ?


About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Fri 13 Dec 2002 - 03:49:14 GMT by hypermail 2.1.3