Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
-
Linux
Description
On Linux jsvc only works as root.
Despite the discussion on issue 24, loading the kernel capability module doens't help.
pioppo@roentgen ~ $ uname -a
Linux roentgen 2.6.19-gentoo-r4 #1 PREEMPT Sun Jan 14 13:01:55 CET 2007 x86_64 AMD Athlon(tm) 64 Processor 3200+ AuthenticAMD GNU/Linux
pioppo@roentgen ~ $ lsmod|grep capa
capability 4296 0
commoncap 5952 1 capability
in the errfile I get:
14/01/2007 00:42:58 31709 jsvc.exec error: syscall failed in set_caps
14/01/2007 00:42:58 31709 jsvc.exec error: set_caps(CAPS) failed
14/01/2007 00:42:58 31708 jsvc.exec error: Service exit with a return value of 4
I've been told documentation says:
"Jsvc is a daemon process so it should be started as root and the -user
parameter allows to downgrade to an unprivilegded user."
but I see no reason why jsvc or any other daemon process shouldn't be runnable as non root therefore I'm creating this issue as a request for improvement.
I'm also attaching
I'm attaching a patch.