[Dnsmasq-discuss] "warning: setting capabilities failed: Operation not permitted" on startup

Simon Kelley simon at thekelleys.org.uk
Fri Aug 25 15:03:54 BST 2006


Robert S wrote:
> I'm having a few problems with networking (most things work OK but I
> can't update my antivirus and I can't ping their server).  I've
> noticed recently that I'm getting the above in my syslog:
> 
> Aug 20 08:45:58 mypc dnsmasq[8702]: started, version 2.31 cachesize 150
> Aug 20 08:45:58 mypc dnsmasq[8702]: compile time options: IPv6
> GNU-getopt no-ISC-leasefile no-DBus no-I18N
> Aug 20 08:45:58 mypc dnsmasq[8702]: DHCP, IP range 192.168.2.2 --
> 192.168.2.40, lease time 12h
> Aug 20 08:45:58 mypc dnsmasq[8702]: warning: setting capabilities
> failed: Operation not permitted
> Aug 20 08:45:58 mypc dnsmasq[8702]: running as root
> Aug 20 08:45:58 mypc dnsmasq[8702]: reading /etc/resolv.conf
> Aug 20 08:45:58 mypc dnsmasq[8702]: using nameserver 203.17.154.31#53
> Aug 20 08:45:58 mypc dnsmasq[8702]: using nameserver 203.17.154.34#53
> Aug 20 08:45:58 mypc dnsmasq[8702]: using nameserver 192.168.2.1#53
> Aug 20 08:45:58 mypc dnsmasq[8702]: ignoring nameserver 127.0.0.1 -
> local interface
> Aug 20 08:45:58 mypc dnsmasq[8702]: read /etc/hosts - 11 addresses
> 
> My /etc/dnsmasq.conf:
> 
> domain-needed
> bogus-priv
> domain=mydomain.com.au
> dhcp-range=192.168.2.2,192.168.2.40,12h
> dhcp-host=00:48:54:90:1f:b0,192.168.2.22
> [etc]
> 
> My startup options:
> 
> --dhcp-option=3,192.168.2.1
> 
> I'm running gentoo on kernel 2.6.16-gentoo-r7.
> 
> Is this message of any significance?

It's of no significance for your network problems, they must be
something else. Dnsmasq will work fine in this state, the only
consequence is that _if_ there was a security breach in dnsmasq, then
the attacker could use it to get root permissions, rather than a lesser
user.

This problem is normally caused by a kernel config problem (there's a
note in the dnsmasq FAQ about exactly what.) Since you are using a
Gentoo-supplied kernel (and dnsmasq package, I presume) it might be
worth submitting a bug report to Gentoo about this.)

Cheers,

Simon.


> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 





More information about the Dnsmasq-discuss mailing list