[Dnsmasq-discuss] setting capabilities failed with CONFIG_SECURITY=n

Ryan Nowakowski tubaman at fattuba.com
Tue Jan 4 20:04:22 GMT 2011


On Tue, Jan 04, 2011 at 07:30:34PM +0000, Simon Kelley wrote:
> On 04/01/11 19:24, tubaman at fattuba.com wrote:
>> I'm using dnsmasq 2.52 and have CONFIG_SECURITY commented out in my
>> kernel config.  I still get "setting capabilities failed" during startup.
>> This is 2.6.32 on a powerpc machine.  dnsmasq starts fine on an x86
>> machine with a similar kernel config.
>>
>> root at OpenWrt:/# uname -a
>> Linux OpenWrt 2.6.32 #21 SMP Tue Jan 4 13:16:21 CST 2011 ppc GNU/Linux
>> root at OpenWrt:/# dnsmasq -K -D -y -Z -b -E -s lan -S /lan/ -l /tmp/dhcp.leases -r
>>   /tmp/resolv.conf.auto --dhcp-range=lan,192.168.1.100,192.168.1.250,255.255.255.
>> 0,12h -2 'eth1'
>>
>> dnsmasq: setting capabilities failed: Operation not permitted
>> root at OpenWrt:/#
>>
>> Ideas?
>>
>
> If your kernel doesn't provide capabilities, you will have to tell  
> dnsmasq to run as root by adding '-u root' to the command line.

On x86, I don't have to:

root at OpenWrt:~# uname -a
Linux OpenWrt 2.6.32.10 #10 Tue Jan 4 13:42:56 CST 2011 i686 GNU/Linux
root at OpenWrt:~# ps -aef | grep dns
 1255 nobody     640 S    /usr/sbin/dnsmasq -K -D -y -Z -b -E -s lan -S /lan/ -
 5834 root       932 S    grep dns 
root at OpenWrt:~# cat /proc/config.gz | gunzip | grep SECURITY
# CONFIG_SECURITY is not set
# CONFIG_SECURITYFS is not set
# CONFIG_SECURITY_FILE_CAPABILITIES is not set
root at OpenWrt:~# 

Any idea why?

- Ryan



More information about the Dnsmasq-discuss mailing list