Login | Register For Free | Help	Search this list this category for: (Advanced)

Mailing List Archive: Quagga: Bugs [Bug 450] Inappropriate privilege requirements when starting zebra on Solaris using SMF   Index | Next | Previous | View Flat

bugzilla-daemon at allevil May 12, 2008, 9:15 AM Views: 2527 Permalink [Bug 450] Inappropriate privilege requirements when starting zebra on Solaris using SMF Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. http://bugzilla.quagga.net/show_bug.cgi?id=450 jingjing.duan [at] sun changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Inappropriate privilege |Inappropriate privilege |requirements while starting |requirements when starting |zebra on Solaris using SMF |zebra on Solaris using SMF ------- Additional Comments From jingjing.duan [at] sun 2008-05-12 17:13 ------- The privileges listed in solaris/quagga.xml.in doesn't seem to be enough. The code in Quagga's lib/privs.c is asking for more privileges, but I don't really know what ones it's asking for. The relevant logs look like: [. May 9 11:55:39 Executing start method ("/lib/svc/method/quagga zebra -P\ 0"). ] zprivs_caps_init: error setting permitted set!, Not owner [ May 9 11:55:40 Method "start" exited with status 0. ] [. May 9 11:55:40 Stopping because all processes in service exited. ] [ May 9 11:55:40 Executing stop method (:kill). ] The zprivs_caps_init function calls setppriv which fails with the above error message. The part including privilege list assigned to zebra in the quagga.xml.in configuration file looks like: <exec_method type='method' name='start' exec='/lib/svc/method/quagga zebra %{routing/daemon-args}' timeout_seconds='60'> <method_context> <method_credential user='root' group='root' privileges='basic,net_icmpaccess,net_rawaccess,sys_admin,sys_net_config'/> </method_context> </exec_method> A possible workaround could be removing the privilege list line above, so that the zebra daemon would have "all" the privileges of "root", which would fix the immediate problem. ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is. _______________________________________________ Quagga-bugs mailing list Quagga-bugs [at] lists http://lists.quagga.net/mailman/listinfo/quagga-bugs

Subject User Time [Bug 450] Inappropriate privilege requirements when starting zebra on Solaris using SMF bugzilla-daemon at allevil May 12, 2008, 9:15 AM

Index | Next | Previous | View Flat   Quagga     Users     Dev     Bugs     Znog

Interested in having your list archived? Contact Gossamer Threads
 

Web Applications & Managed Hosting Powered by Gossamer Threads Inc.