Package: libcap-bin Version: 1:1.10-14 Severity: important Hi Michael,
I've been trying to evaluate the status of the POSIX capability patch that's included in the Debian PAM package in relation to bug #153157, and I'm having some serious doubts that the libcap-bin programs actually work: $ su Password: # /sbin/getpcaps $$ Capabilities for `13995': =ep cap_setpcap-ep # sucap vorlon vorlon /bin/bash Caps: =ep cap_setpcap-ep Caps: = [debug] uid:1000, real uid:1000 sucaps: capsetp: Operation not permitted sucap: child did not exit cleanly. # Is this related to the fact that all of these processes seem to have an empty set of inheritable capabilities? Is it a general problem of capabilities support in recent kernels? >From what I see, if I can't set an inheritable capability, capability support in pam_limits isn't much use and should be dropped. Thanks, -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
