Displaying 17 results from an estimated 17 matches for "setcap".
Did you mean:
setcar
2009 Aug 19
1
CAP_FOWNER=ep for asterisk
Hello,
I need CAP_FOWNER=ep for the asterisk process, i set it with setcap on
the file /usr/sbin/asterisk, it's there when i look on it with getcap,
but after starting and loocking with getpcaps there's only
cap_net_admin+ep set.
So how exactly do I set CAP_FOWNER? Do I have to patch and recompile
or is there another solution I did not see yet?
thanks,
b...
2012 Jan 15
1
How to create servers in low ports
I want my Windows application to be able to listen on any port, but by default only root can create servers on ports <1024. As far as I know authbind doesn't work with Wine (and never will), and I can't redirect packets to a higher port with a firewall rule, because the Windows application (uTorrent) "tells" the other peers which port is listening on.
Making wineserver suid
2012 Jan 25
1
Re: Setting capabilities for process running under Wine
jjmckenzie wrote:
> You broke Wine by running it as root. See the FAQ on how to fix.
I'm not sure this is the case. Setcaps is not the same as setuid...
Was able to reproduce it here as well. This is actually a known problem: http://bugs.winehq.org/show_bug.cgi?id=26256
2015 Mar 02
2
QEMU interface type=ethernet
...peration not permitted
2015-03-02T18:00:51.243518Z qemu-kvm: -netdev
tap,script=/tmp/vnet380622.sh,id=hostnet1: Device 'tap' could not be
initialized
They can be resolved like this:
1) Edit /etc/libvirt/qemu.conf, and add "/dev/net/tun" to the
cgroup_device_acl option
2) Run: setcap cap_net_admin+eip /bin/qemu-system-x86_64
This will give QEMU CAP_NET_ADMIN when it runs. Make sure you review
`man capabilities` to see what capabilities this actually gets qemu.
The downside here is that in the event a guest somehow breaks out of
qemu, CAP_NET_ADMIN gives them a bunch of sca...
2004 May 18
0
problems with asterisk-oh323
...serInput/dtmf <4>
0:01.161 OpenH323 Wrapper H323 Added capability: UserInput/RFC2833 <5>
0:01.162 OpenH323 Wrapper H323UDP Binding to interface: 0.0.0.0:10000
0:01.163 OpenH323 Wrapper RAS Authenticator H235AnnexD_Procedure1<no-pwd> not active during GRQ SetCapability negotiation
0:01.163 OpenH323 Wrapper RAS Authenticator MD5<no-pwd> not active during GRQ SetCapability negotiation
0:01.163 OpenH323 Wrapper RAS Authenticator CAT<no-pwd> not active during GRQ SetCapability negotiation
0:01.163 OpenH323 Wrapper H225 St...
2014 Feb 27
2
Re: [libvirt] LXC, user namespaces and systemd
On 26.02.2014 17:59, Stephan Sachse wrote:
>> # chown -R foo:foo /var/lib/libvirt/filesystems/mycontainer
>
> you must "shift" the uids for the container 0 -> 666, 1 -> 667, 2 ->
> 668. there is a tool for this: uidmapshift
I prepared two containers, the first I used chown, in the second
uidmapshift, here is the results.
./uidmapshift -r
2015 Mar 02
0
Re: QEMU interface type=ethernet
...0:51.243518Z qemu-kvm: -netdev
> tap,script=/tmp/vnet380622.sh,id=hostnet1: Device 'tap' could not be
> initialized
>
> They can be resolved like this:
>
> 1) Edit /etc/libvirt/qemu.conf, and add "/dev/net/tun" to the
> cgroup_device_acl option
> 2) Run: setcap cap_net_admin+eip /bin/qemu-system-x86_64
>
> This will give QEMU CAP_NET_ADMIN when it runs. Make sure you review
> `man capabilities` to see what capabilities this actually gets qemu.
>
> The downside here is that in the event a guest somehow breaks out of
> qemu, CAP_NET_ADM...
2003 Aug 22
10
Intresting.. hrm
And it runs linux.
http://www.zip4x4.com/ZIP4x4.htm
Anyone seen one?
bkw
2013 Sep 23
3
[Bug 10163] New: rsync -X is ineffective when setting owner/group
...It works partially; however,
if combined with rsync options which preserve the file owner and/or group, it
is partially ineffective. This is because rsync calls chown(2) after setting
attributes, and chown removes security attributes (as in capabilities(5)).
Steps to Reproduce:
$ touch foo
$ sudo setcap cap_dac_read_search=pe foo
$ getcap foo
foo = cap_dac_read_search+ep
$ sudo rsync -X foo foo.1
$ getcap foo.1
foo.1 = cap_dac_read_search+ep
$ sudo rsync -aX foo foo.2
$ getcap foo.2
$
This report originates from https://bugzilla.redhat.com/show_bug.cgi?id=981797
--
Configure bugmail: https://bu...
2013 Aug 22
2
Re: Oracle RAC in libvirt+KVM environment
Il 22/08/2013 09:46, Timon Wang ha scritto:
> Thanks Nicholas.
>
> I found that scsicmd can't pass all the scsi3_test but the result of
> sg_inq is the same as it in the host.
>
> I am absolutely confused about this situation. Am I missed some
> information about it?
I am also confused. You need to understand the limitations that the
clustering software is putting.
2010 Dec 10
1
TeleVantage Client 8
...g on Windows 2003 on the LAN workgroup and has windows clients today (something I had hoped to change)
Client installed through shared folder TeleVantage/netsetup/client.exe
winetricks mdac28
(ADODB.Connection.2.8 {00000514-0000-0010-8000-00AA006D2EA4})
sudo apt-get install libcap2-bin
(installs setcap)
sudo setcap cap_net_raw+epi /usr/bin/wine-preloader
When I enter the IP of the server and user info at Log On, I get the message "Could not connect to the server on <IP>. Server components are not installed."
When SERVERNAME is used I get "Could not connect to the database o...
2013 Aug 27
2
Re: Oracle RAC in libvirt+KVM environment
...ugh, cap_sys_rawio+ep is required to pass-through
SCSI Reservation from the guest.
Note that I succeeded to pass-through SCSI Reservation with the following steps
in my environment, not a Windows guest though.
1. Stop the guest.
2. Add CAP_SYS_RAWIO(effective, permitted) to qemu-kvm.
# setcap cap_sys_rawio=ep /usr/bin/qemu-system-x86_64
3. Start the guest.
However, I don't think this is the right way to workaround it, because it
gives cap_sys_rawio+ep to all the kvm processes executed from this binary.
I believe following patches, which are not merged yet, are trying to solve...
2014 Feb 27
0
Re: [libvirt] LXC, user namespaces and systemd
...works
> properly.
try it as user and not as root
# su -s/bin/bash nobody -c 'ping localhost'
ping: icmp open socket: Operation not permitted
fix this from outside the container
chroot /path/to/rootfs
rpm --qf "[%{FILECAPS} %{FILENAMES}\n]" -qa | grep ^= | sed -e 's/^=/setcap/'
and paste the output into your terminal
/stephan
--
Software is like sex, it's better when it's free!
2016 Feb 24
4
IPtables block user from outbound ICMP
Hello,
Is it possible at all to block all users other than root from sending
outbound ICMP packets on an interface?
At the moment we have the following two rules in our IPtables config:
iptables -A OUTPUT -o eth1 -m owner --uid-owner 0 -j ACCEPT
iptables -A OUTPUT -o eth1 -j DROP
But this still allows ICMP for some reason (but *does* block other TCP/UDP
packets, which is what we want, as well
2012 Jul 16
3
[LLVMdev] RFC: LLVM incubation, or requirements for committing new backends
...+//==-----------------------------------------------------------------------===//
> +#include "AMDIL7XXDevice.h"
> +#include "AMDILDevice.h"
> +
> +using namespace llvm;
> +
> +AMDIL7XXDevice::AMDIL7XXDevice(AMDILSubtarget *ST) : AMDILDevice(ST)
> +{
> + setCaps();
> + std::string name = mSTM->getDeviceName();
> + if (name == "rv710") {
> + mDeviceFlag = OCL_DEVICE_RV710;
> + } else if (name == "rv730") {
> + mDeviceFlag = OCL_DEVICE_RV730;
> + } else {
> + mDeviceFlag = OCL_DEVICE_RV770;
> + }...
2012 Mar 26
7
Lite Manager
Hi there,
I'm trying to run Lite Manager on Ubuntu 11.10 using Wine 1.3, but all I get is a "program encountered a serious problem" screen. Any chance that someone could help me with this? :/
2011 Jul 08
0
Wine release 1.3.24
...d mouse implementation of BuildActionMap.
dinput: SetActionMap constructing a dataformat for keyboard and mouse.
dinput: SetActionMap and queue_event setting mapped data.
include: Corrected the value of the DIEDFL_ATTACHEDONLY flag.
Maarten Lankhorst (1):
winegstreamer: Fix setcaps call.
Marcus Meissner (19):
oleaut32: Unshadow cmp to make code work (Coverity).
shell32: Remove superflous NULL check (Coverity).
strmbase: Move NULL check up a bit (Coverity).
quartz: Removed useless NULL check (Coverity).
ole32: Access the array entry, not the arr...