This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: staprun:init_cap:73: ERROR: cap_set_proc: Operation not permitted


Frank Ch. Eigler wrote:
> David Smith <dsmith@redhat.com> writes:
> 
>>> Red Hat Enterprise Linux Server release 5 (Tikanga)
>>> Kernel 2.6.24-rc7
> 
> (Just for clarity, that's not an RHEL5 kernel.)
> 
>>> [...]
>>> staprun:init_cap:73: ERROR: cap_set_proc: Operation not permitted
>> The answer before (from Martin) was that the kernel needs to be built
>> with CONFIG_SECURITY_CAPABILITIES=y
> 
> It would be nice if we had a reduced(?)-security fallback mode in the
> runtime to tolerate capability-less kernels.

It might be possible to just require the user to be root (either
directly or through sudo) if cap_set_proc() fails.

Would that be useful?

-- 
David Smith
dsmith@redhat.com
Red Hat
http://www.redhat.com
256.217.0141 (direct)
256.837.0057 (fax)


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]