I just found that the reason for dd is that Linux doesn't allow reading from the /proc/kmsg open descriptor without root privileges (as opposed to restricting just the open() call). The syslog-ng that I was using until now used the CAP_SYS_ADMIN capability to keep access to /proc/kmsg after dropping root privileges. It seems that rsyslog isn't currently programmed to use this capability, so my previous suggestion wouldn't work.
For now I switched back to syslog-ng, so that I don't need the extra 'dd' process running and still run the syslog daemon as an unprivileged user. Sorry for the noise. -- Don't run as root https://bugs.launchpad.net/bugs/388608 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
