[rsbac] To-do list for 1.2.2

Czakó Krisztián rsbac@rsbac.org
Mon Nov 18 15:01:02 2002

Previous message: [rsbac] To-do list for 1.2.2
Next message: [rsbac] To-do list for 1.2.2
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Idézet Amon Ott 2002. november 18. 09:18 keltezésű leveléből:
> On Saturday, 16. November 2002 14:21, Czakó Krisztián wrote:
> > Idézet Amon Ott 2002. november 15. 12:07 keltezésű levelébő=
l:
> > > To do for 1.2.2:
> > > - Support more scanners (AVP, AntiVir) in MS module
> > Clamav?
> Where can I get a Linux daemon for testing?

http://clamav.elektrapro.com/

> > Allow IP-list in jail, not just one IP.
> > What I'd like to use is to allow 127.0.0.1 and one public IP in the j=
ail.
> OK, I will look into that. 127.0.0.1 (optional) and one other IP would =
be
> easy, but probably not sufficient. More IPs require a list and thus a b=
it
> more work.

In fact, I need 127.0.0.1 for internal IP communication between jails without 
the need for binding public IPs and rejecting it with netfilter from the Net.

> > BTW, I have one small(?) problem with the jail in 1.2.1 (2.4.19):
> > I can't use Debian fakeroot utility. It's forbidden by the JAIL modul=
e.
> > Is it possible to allow it?
> What exactly does not get allowed?

Fakeroot from Debian GNU/Linux 3.0 woody.
Simple test script (test.sh):
- --- cut ---
#!/bin/sh

id
- --- cut ---

./test.sh runs fine.
fakeroot ./test.sh hangs.
Debian package building stops with error message.

RSBAC messages:
<6>rsbac_adf_request(): request READ_OPEN, pid 30569, ppid 30568, prog_name 
faked, uid 1000, target_type IPC, tid Msg-ID 131075, attr none, value 0, 
result NOT_GRANTED by JAIL
<6>rsbac_adf_request(): request DELETE, pid 30569, ppid 30568, prog_name 
faked, uid 1000, target_type IPC, tid Msg-ID 131075, attr none, value 0, 
result NOT_GRANTED by JAIL
<6>rsbac_adf_request(): request DELETE, pid 30569, ppid 30568, prog_name 
faked, uid 1000, target_type IPC, tid Msg-ID 163844, attr none, value 0, 
result NOT_GRANTED by JAIL
<6>rsbac_adf_request(): request DELETE, pid 30568, ppid 30567, prog_name 
faked, uid 1000, target_type IPC, tid Msg-ID 131075, attr none, value 0, 
result NOT_GRANTED by JAIL
<6>rsbac_adf_request(): request DELETE, pid 30568, ppid 30567, prog_name 
faked, uid 1000, target_type IPC, tid Msg-ID 163844, attr none, value 0, 
result NOT_GRANTED by JAIL

Regards,
Slapic

- -- 
Pilatus-Comp Ltd. HUNGARY * The Linux Expert * pilatuscomp@linux.co.hu
  http://www.linux.co.hu * Phone: +36-1-2481816 * Fax: +36-1-2481817

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE92PC9CF6okiny5rwRAo9WAJsFjAGq88NPZPrdqxko4oZ9X38bBQCfe+x7
nEZkhH4cxWlGd7xlQOOpNqM=
=/rlD
-----END PGP SIGNATURE-----

Previous message: [rsbac] To-do list for 1.2.2
Next message: [rsbac] To-do list for 1.2.2
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]