[rsbac] rsbac_jail & postfix

Czako Krisztian rsbac@rsbac.org
Fri Aug 23 13:22:01 2002

Previous message: [rsbac] rsbac_jail & postfix
Next message: [rsbac] rsbac_jail & postfix
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

--KsGdsel6WgEHnImy
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Aug 23, 2002 at 07:30:25AM +0200, Matthias J=E4nichen wrote:
> At 01:25 23.08.02 +0200, Deim Agoston wrote:
> >> Everybody went to holiday? :)
> >No, but I shall soon...
> Amon has just finished a private project and is is a bit short at time=20
> these days, but I will monitor the list and inform him if something sevre=
=20
> comes up. He promissed to answer all requests, but it may take some days.

Thanx. Nice to mail with myself :)
I try to solve my problem :)
It seems to be a bug in the jail, because JAIL rejects all unix domain bind
calls. I've tried nscd, mysqld and postfix.
RSBAC JAIL thinks it's a DIR CREATE call (case T_DIR at line 312 in
jail_main.c) and returns NOT_GRANTED. For testing, I've replaced this
NOT_GRANTED (line 312 in jail_main.c) with DO_NOT_CARE and unix socket bind
now works in the jail.

The compilation problem also seems to be a bug in the source. I think it's a
missing #ifdef. Something like this (NOTE THAT THIS PATCH NOT TESTED AT
ALL!):
--- linux.old/rsbac/adf/rc/rc_main.c	Fri Aug 16 11:33:26 2002
+++ linux/rsbac/adf/rc/rc_main.c	Thu Aug 22 17:08:43 2002
@@ -87,6 +87,7 @@
           i_rc_item =3D RI_type_comp_nettemp;
           i_attr =3D A_rc_type_nt;
           break;
+#ifdef CONFIG_RSBAC_RC_NET_OBJ_PROT
         case T_NETOBJ:
           i_rc_item =3D RI_type_comp_netobj;
           if(rsbac_net_remote_request(request))
@@ -94,6 +95,7 @@
           else
             i_attr =3D A_local_rc_type;
           break;
+#endif
         case T_USER:
           return(NOT_GRANTED);
         default:

Regards,
Slapic

--=20
Pilatus-Comp Ltd. HUNGARY * The Linux Expert * pilatuscomp@linux.co.hu
  http://www.linux.co.hu * Phone: +36-1-2481816 * Fax: +36-1-2481817

--KsGdsel6WgEHnImy
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE9ZhorCF6okiny5rwRAnjdAJsHnKg2serR5iTSJuVvR+zGafTNUQCfTP6z
fBaiPUkb3I20G1Wn6iadJnc=
=OMHc
-----END PGP SIGNATURE-----

--KsGdsel6WgEHnImy--

Previous message: [rsbac] rsbac_jail & postfix
Next message: [rsbac] rsbac_jail & postfix
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]