[apparmor] [patch] klog-needs-CAP_SYSLOG
John Johansen
john.johansen at canonical.com
Wed Aug 17 00:09:38 UTC 2011
On 08/16/2011 04:57 PM, Kees Cook wrote:
> Hi,
>
> On Tue, Aug 09, 2011 at 12:13:56AM +0200, Christian Boltz wrote:
>> Please ask Jeff if you want to know what it does ;-)
>>
>> --- a/parser/parser_misc.c
>> +++ b/parser/parser_misc.c
>> @@ -129,6 +129,9 @@ static int get_table_token(const char *n
>> static struct keyword_table capability_table[] = {
>> /* capabilities */
>> #include "cap_names.h"
>> +#ifndef CAP_SYSLOG
>> + {"syslog", 34},
>> +#endif
>> /* terminate */
>> {NULL, 0}
>> };
>
> This shouldn't be needed since cap_names.h is auto-generated. If it's
> missing that means the kernel includes aren't up to date.
>
>> @@ -866,6 +869,7 @@ static const char *capnames[] = {
>> "audit_control",
>> "setfcap",
>> "mac_override"
>> + "syslog",
>> };
>
oh thats ugly, /me thought we had made those dynamic as well.
I'll work on a patch to pull those out of the autogenerated names.
More information about the AppArmor
mailing list