robert at linuxfromscratch.org
Wed May 23 08:01:45 PDT 2007
There have been efforts to patch the recent 2.6 kernel so user klogd can
read /proc/kmsg, but they circumvent selinux's access controls, so they were
Ubuntu's sysklogd_1.4.1-16ubuntu6.diff adds a -P option to klogd so klogd can
read from a pipe. From the boot script 'dd' runs as root and pipes
from /proc/kmsg to /var/run/klogd/kmsg, and the klogd user has permission to
And the only way to keep /var/run/klogd/kmsg from growing out of control is to
restart the boot script once in a while to remove /var/run/klogd/kmsg.
I think this will work fairly well. 'dd' is a pretty secure program, but an
assembly version would be best. I found a dd.asm in asmutils-0.18, but it's
in nasm syntax. Or at least a version of 'dd' that ignores environment,
preload, and locales.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the hlfs-dev