sysklogd

Robert Connolly robert at linuxfromscratch.org
Wed May 23 08:01:45 PDT 2007


There have been efforts to patch the recent 2.6 kernel so user klogd can 
read /proc/kmsg, but they circumvent selinux's access controls, so they were 
rejected.

Ubuntu's sysklogd_1.4.1-16ubuntu6.diff adds a -P option to klogd so klogd can 
read from a pipe. From the boot script 'dd' runs as root and pipes 
from /proc/kmsg to /var/run/klogd/kmsg, and the klogd user has permission to 
read /var/run/klogd/kmsg.

And the only way to keep /var/run/klogd/kmsg from growing out of control is to 
restart the boot script once in a while to remove /var/run/klogd/kmsg.

I think this will work fairly well. 'dd' is a pretty secure program, but an 
assembly version would be best. I found a dd.asm in asmutils-0.18, but it's 
in nasm syntax. Or at least a version of 'dd' that ignores environment, 
preload, and locales.

robert
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20070523/35b8b2b9/attachment.sig>


More information about the hlfs-dev mailing list