[Varnish] #912: Vanish lacks the file_read privilege on recent OpenSolaris

Varnish varnish-bugs at varnish-cache.org
Fri May 6 21:59:19 CEST 2011


#912: Vanish lacks the file_read privilege on recent OpenSolaris
--------------------+-------------------------------------------------------
 Reporter:  mamash  |        Type:  defect  
   Status:  new     |    Priority:  normal  
Milestone:          |   Component:  varnishd
  Version:  2.1.5   |    Severity:  major   
 Keywords:          |  
--------------------+-------------------------------------------------------
 The waive_privileges code does not work properly on recent OpenSolaris OS,
 snv_140 and newer (also Illumos/OpenIndiana). In addition to 'net_access',
 'file_read' is also needed, otherwise the VCL shared object cannot be
 opened by the child process:

 {{{
 Pushing vcls failed: dlopen(./vcl.ORk8t3RP.so): ld.so.1: varnishd: fatal:
 ./vcl.ORk8t3RP.so: Permission denied
 }}}

 I believe this remains a problem in the trunk too.

 More information here:

 [http://webcache.googleusercontent.com/search?q=cache:EIzTALnLxX4J:bugs.opensolaris.org/bugdatabase/view_bug.do%3Fbug_id%3D6440298+bug+6440298&cd=1&hl=en&ct=clnk&gl=us&source=www.google.com
 Bug 6440298 (Google Cache)][[BR]]
 [http://mail.opensolaris.org/pipermail/opensolaris-
 arc/2009-July/016660.html Mail list discussion]

-- 
Ticket URL: <http://varnish-cache.org/trac/ticket/912>
Varnish <http://varnish-cache.org/>
The Varnish HTTP Accelerator




More information about the varnish-bugs mailing list