Re: Unregistering Capabilites in a precompiled kernel.

From: Adam Young (ayoung@private)
Date: Fri Jun 17 2005 - 15:18:24 PDT

Previous message: Seth Arnold: "Re: Unregistering Capabilites in a precompiled kernel."
In reply to: Seth Arnold: "Re: Unregistering Capabilites in a precompiled kernel."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Thanks you,

capability.disable=1

worked.

Adam


Seth Arnold wrote:
>On Thu, Jun 16, 2005 at 07:28:09PM -0700, Adam Young wrote:
>  
>>I recently tried loading and running a custom security module on a red 
>>hat system (both el4 and fedora) that has the capabilities lsm built in, 
>>not a loadable module.  It seems that the module parameter to disable 
>>capabilities is not read off the kernel command line.
>>    
>
>Which kernel command line parameter did you use? There've been several.
>I think capability.disable=1 is the one in current kernels, but if it
>doesn't work, try also capability=0
>
>  
>>Is there some way to disable the capabilities module after the Kernel
>>has booted.
>>    
>
>I know of no way to disable capabilities once it has been loaded. Sorry.
>

Previous message: Seth Arnold: "Re: Unregistering Capabilites in a precompiled kernel."
In reply to: Seth Arnold: "Re: Unregistering Capabilites in a precompiled kernel."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Jun 17 2005 - 15:49:17 PDT