[Openais] Re: 2.6.9 kernel oops with openais
Lee Revell
rlrevell at joe-job.com
Fri Oct 29 17:42:49 PDT 2004
On Fri, 2004-10-29 at 17:11 -0700, Steven Dake wrote:
> What would be preferrable instead of dropping UID when privleged
> services are needed? more specifically I need
> * CAP_NET_RAW (bindtodevice)
> * CAP_SYS_NICE (setscheduler)
> * CAP_IPC_LOCK (mlockall)
>
> I had thought about adding the correct code to get these capabilities
> but it still requires a start-from-uid0 environment
Not sure about #1, but Jack (http://jackit.sf.net) needed #2 and #3 and
the realtime LSM was developed as a result. See the LKML thread of the
same name.
HTH,
Lee
More information about the Openais
mailing list