Some further debuging of the capabilities: pinentry(-qt) has no file capabilities, the process of gpg-agent has the following: ~> getpcaps 27031 27031: cap_dac_override,cap_net_admin,cap_net_raw,cap_sys_rawio,cap_sys_admin=i
And in strace I find the following:
28441 20:23:54 capset({version=_LINUX_CAPABILITY_VERSION_3, pid=0},
{effective=1<<CAP_IPC_LOCK, permitted=1<<CAP_IPC_LOCK, inheritable=0}) = -1
EPERM (Die Operation ist nicht erlaubt)
28441 20:23:54 capset({version=_LINUX_CAPABILITY_VERSION_3, pid=0},
{effective=0, permitted=1<<CAP_IPC_LOCK, inheritable=0}) = -1 EPERM (Die
Operation ist nicht erlaubt)
28443 20:23:54 capset({version=_LINUX_CAPABILITY_VERSION_3, pid=0},
{effective=1<<CAP_IPC_LOCK, permitted=1<<CAP_IPC_LOCK, inheritable=0}) = -1
EPERM (Die Operation ist nicht erlaubt)
28443 20:23:54 capset({version=_LINUX_CAPABILITY_VERSION_3, pid=0},
{effective=0, permitted=1<<CAP_IPC_LOCK, inheritable=0}) = -1 EPERM (Die
Operation ist nicht erlaubt)
I get the same errors when I set the capabilities to cap_ipc_lock=ep.
So it seems to be something with capabilities.. And looking at the
binary of devuan, it is not linked against libcap!
I will recompile pinentry without caps use flag. But I am curious why it
has troubles with libcap.
Gruß
Klaus
--
Klaus Ethgen http://www.ethgen.ch/
pub 4096R/4E20AF1C 2011-05-16 Klaus Ethgen <kl...@ethgen.ch>
Fingerprint: 85D4 CA42 952C 949B 1753 62B3 79D0 B06F 4E20 AF1C
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
