On Thu, 2008-07-03 at 11:15 +0200, Arne Wiebalck wrote: > > > >Should the user process get CAP_SYS_RAWIO? > > > > > > The user process in my case is forked by another process which runs > > > as root. But since this process does not have CAP_SETPCAP it cannot > > > set the child's capabilities (which is how I naively thought one could > > > implement this). > > > > > > What options are left? Running a patched kernel where the "SG_IO in st > > > requires CAP_SYS_RAWIO" is taken out? > > > > Erm, well capabilities are designed to be malleable, especially with > > things like sucap and execap, which root should be able to use. > > But you need to change and recompile your kernel to use that, as init > needs CAP_SETPCAP to be set, no? Well .. how you do that isn't really a SCSI problem. The FAQ has one solution. I suppose rebuilding your kernel is another possible but inelegant one. James -- To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html