1 |
On Mon, 2005-11-14 at 17:37 -0500, Dale Pontius wrote: |
2 |
> Peter Shaw wrote: |
3 |
> |
4 |
> >On Monday 14 November 2005 02:51, Dale Pontius wrote: |
5 |
> > |
6 |
> > |
7 |
> >>I decided to try running BIND on the SELinux system. I get this message: |
8 |
> >> * Starting named ... |
9 |
> >>named: capset failed: Operation not permitted: please ensure that the |
10 |
> >>capset kernel module is loaded. see insmod(8) |
11 |
> >> |
12 |
> >>I've made sure that "commoncap" was built and loaded prior to trying to |
13 |
> >>start BIND. A bit |
14 |
> >>of google searching, and this seemed to have helped everyone else, but |
15 |
> >>not me. |
16 |
> >> |
17 |
> >> |
18 |
> >I had the same problem and googled it, and the module I found I had to put |
19 |
> >into /etc/modules.autoload.d/kernel-2.6 was ¨capability¨, not ¨commoncap¨. |
20 |
> >But perhaps you´re using a 2.4 kernel and it´s different - i just subscribed |
21 |
> >to the mailing list and didn´t see the original post. |
22 |
> > |
23 |
> > |
24 |
> I saw the "capability" stuff too, and thought that was the same as |
25 |
> "commoncap". So |
26 |
> now I have to ask... Where do you turn on "capability"? I did a "grep |
27 |
> CAP .config" |
28 |
> and got only 2 entries, the one that produced commoncap, and another |
29 |
> that was |
30 |
> completely unrelated. (sound, maybe?) I'm running 2.6, by the way. |
31 |
in the kernel security options: |
32 |
CONFIG_SECURITY_CAPABILITIES=y |
33 |
module name: 'capability' |
34 |
|
35 |
Antoine |
36 |
|
37 |
-- |
38 |
gentoo-hardened@g.o mailing list |