Searched refs:CAP_SYSLOG (Results 1 – 7 of 7) sorted by relevance
9 #ifndef CAP_SYSLOG10 #define CAP_SYSLOG 34 macro
2328 bool cap_syslog = perf_cap__capable(CAP_SYSLOG, &used_root); in symbol__read_kptr_restrict() 2340 * we also restrict when perf_event_paranoid > 1 w/o CAP_SYSLOG in symbol__read_kptr_restrict()
36 if (security_capable(cred, &init_user_ns, CAP_SYSLOG, in kallsyms_show_value()
472 local unpriv=$(capsh --drop=CAP_SYSLOG -- -c "$cmd")
99 CAP_SYSLOG capability permits reading kernel space memory addresses from
312 - /proc/sys/kernel/kptr_restrict = 2 (restrict all users) also prevents perf probe to retrieve the important information from kallsyms. You also need to set to 1 (restrict non CAP_SYSLOG users) for the above commands. Since the user-space probe doesn't need to access kallsyms, this is only for probing the kernel function (kprobes).
627 if (capable(CAP_SYSLOG)) in check_syslog_permissions()