Gentoo Archives: gentoo-security

From: Serge Koksharov <gentoosiast@××××××.ru>
To: gentoo-security@l.g.o
Subject: [gentoo-security] Running app-admin/syslog-ng without root privileges
Date: Wed, 16 Nov 2005 09:52:41
Message-Id: 437AFFF2.1070208@yandex.ru
1 Hi,
2
3 I am trying to run syslog-ng v1.6.8 without root privileges, under
4 dedicated account. All goes fine, except messages from kernel buffer
5 /proc/kmsg. I'm not surprised, because /proc/kmsg have permission bits
6 set to 0400 and owner:group to root:root. As I know in good old
7 app-admin/sysklogd same goal accomplished by actually running two
8 processes: one which reads from /proc/kmsg under root privileges &
9 another one which reads from /dev/log and does everything else under
10 dedicated non-root account. May be we need to ask syslog-ng authors to
11 implement the same scheme as in sysklogd?
12
13 Thanks in advance.
14
15 --
16 gentoo-security@g.o mailing list

Replies

Subject Author
Re: [gentoo-security] Running app-admin/syslog-ng without root privileges Taka John Brunkhorst <antiwmac@×××××.com>