On Wed, Apr 24, 2013 at 11:51 PM, Josh Boyer <jwboyer@xxxxxxxxxx> wrote: >> In the daemon case, it's nice to be able to drop privileges after >> setting up resources. The past was open /proc/kmsg with CAP_SYS_ADMIN, >> then drop CAP_SYS_ADMIN and keep reading. Then later CAP_SYS_LOG was >> introduced. So if a daemon switched from /proc/kmsg to /dev/kmsg they >> wouldn't be able to drop the capability. But, it's much saner to carry >> CAP_SYS_LOG than CAP_SYS_ADMIN on a long-running daemon. > > I have no idea on this front. I'll let Kay speak to that. The original code checks once at open() only, which would allow to do do all that privilege dropping. It is how I would expect it to work, instead of checking the permissions at every read(). > On my > currently running Fedora 18 system, I actually have systemd-journald > using /dev/kmsg That's the recent structured logging stuff. > and rsyslog using /proc/kmsg. That's the old plain text syslog daemon stuff. > Why I have both, I have no friggin idea. Nobody removed the old syslog dameon by default from the distro. If you don't want or need the plain text files in /var/log/ anymore, just uninstall it and use journalctl(1) to see the system logs from then on. >> Is there an intention to use /dev/kmsg for the syslog management daemon? Not that I know. > Maybe? I mean, systemd-journald seems to be using it for something. > Kay? I doubt that old syslog implementations will be ported to a new kernel interface. They work just fine the way they are, and the structured data that is additionally put out on the new interface, they cannot really store away anyway in their plain text files, so they do not gain anything really. What we can probably expect though, is that in the future the default systems will not install any old syslog daemon, which uses that interface anymore. Kay -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html