how to install and setup cap from p4?
Ilmar S. Habibulin
ilmar at watson.org
Wed Jan 9 09:50:14 GMT 2002
On Tue, 8 Jan 2002, Brian F. Feldman wrote:
> There are two problems which you will have to solve to get this working
> (both easy, of course). First, you must have extended attributes on your
> filesystems set up for system/posix1e.cap; you can see how to do this from
> the documentation in src/sys/ufs. Turning on extattr autostarting for UFS
> is also a very good plan here :)
They are turned on, i have ACL too. And i've even made the backing storage
for capabilities. But i can't use it with standard kernel - i need kernel
with capabilities. And it doesn't boot to multiuser. It stops at
singleuser with root mounted readonly. And i'm unable to do any
privileged operation. sysctl, mount - everything is not permitted.
> Second, after you have a system with posix1e.cap extended attributes set up,
> install world again to get install(1) to set persistent capability flags on
> any pertinent files. After the files have these attributes (i.e., "getfcap
> -m /bin/true" should give you "all=ei:CAP_SETPCAP="), your system should
> have inheritence permitted for the system binaries, and you should be able
> to use the base system with capabilities.
I know that. I've tested Thomas' patches somehow.
> I hope this helps!
Now i've reinstalled the fresh fbsd snap and i'll try to install
capability enabled kernel again from the latest sources. maybe it was some
mid-commit situation.
If i fail i'll be back ;-)
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list