* [PATCH] libcap: introduce CAP_SYSLOG
@ 2011-01-13 16:23 Sergey Senozhatsky
0 siblings, 0 replies; only message in thread
From: Sergey Senozhatsky @ 2011-01-13 16:23 UTC (permalink / raw)
To: Andrew G. Morgan; +Cc: linux-kernel
Since commit 38ef4c2e437d11b5922723504b62824e96761459 syslog
operations require CAP_SYSLOG capability (intoriduced by commit
ce6ada35bdf710d16582cc4869c26722547e6f11), not CAP_SYS_ADMIN.
Patch introduces CAP_SYSLOG capability.
Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
---
libcap/include/linux/capability.h | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/libcap/include/linux/capability.h b/libcap/include/linux/capability.h
index 39e5ff5..4924f2a 100644
--- a/libcap/include/linux/capability.h
+++ b/libcap/include/linux/capability.h
@@ -355,7 +355,12 @@ struct cpu_vfs_cap_data {
#define CAP_MAC_ADMIN 33
-#define CAP_LAST_CAP CAP_MAC_ADMIN
+
+/* Privileged syslog operations currently require CAP_SYSLOG.
+ CAP_SYS_ADMIN is not acceptable anymore. */
+#define CAP_SYSLOG 34
+
+#define CAP_LAST_CAP CAP_SYSLOG
#define cap_valid(x) ((x) >= 0 && (x) <= CAP_LAST_CAP)
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2011-01-13 16:23 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-01-13 16:23 [PATCH] libcap: introduce CAP_SYSLOG Sergey Senozhatsky
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.