linux 2.6 capset

Fri Apr 23 13:10:36 UTC 2004

I ran into it in a workshop setting on my Debian box
with a 2.6 kernel.  I'm not sure that the workshop
notes made it to ISC yet, but my suggestion was that
it be added as a note in the documentation (that upon
the occurrence of that particular error on a Linux box
with the 2.6 kernel, the admin needs to modprobe

Not sure this is realistically fixable with a patch,
unless there's a runtime call that can validate the
presence/absence of the capability module and throw an
appropriate error.  I couldn't easily find such a call,
but I didn't spend much time looking.  Of course commenting
out the capset call works as well, but that's not a 
desirable solution.


> -----Original Message-----
> From: bind-workers-bounce at 
> [mailto:bind-workers-bounce at] On Behalf Of LaMont Jones
> Sent: Thursday, April 22, 2004 1:35 PM
> To: bind-workers at
> Subject: linux 2.6 capset
> With linux 2.6, capset can be a module, which effectively breaks bind9
> (fatal: capset failed).  Regrettably, the return from the syscall is
> identical if the module is not compiled in, or if you lack permission
> to do the capset() call.  (Both return EPERM.)
> Working on a patch, but wondering if anyone else has run into this.
> lamont

More information about the bind-workers mailing list