Hi!
> See my "capwrap" module:
>
> http://arctrix.com/nas/linux/capwrap.tar.gz
>
> To allow SCHED_FIFO you would need to give the process the CAP_SYS_NICE
> capability. CAP_SYS_NICE is bit 23 (800000 in hex). Create a text file
> with the following line and make it root suid:
>
> &/usr/bin/someprogram 800000
>
> If the capwrap module is loaded the kernel will recognize the file as a
> "capability wrapper" and grant the specified capabilities to the
> executable while running with the uid of the current user.
>
> The capwrap module isn't fancy but is works and is simple. It doesn't
> require any special filesystem. Since I'm no kernel hacker I don't know
> if it's suitable for inclusion in the main tree. I would appreciate any
> comments people have regarding it.
I did similar thing using elf .note section... But this seems elegant
too. Perhaps you want to push it for inclusion?
Pavel
-- Worst form of spam? Adding advertisment signatures ala sourceforge.net. What goes next? Inserting advertisment *into* email? - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Oct 31 2002 - 22:00:31 EST