[rsbac] To-do list for 1.2.2
Czakó Krisztián
rsbac@rsbac.org
Thu Nov 21 14:31:01 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Idézet Amon Ott 2002. november 18. 15:57 keltezésű leveléből:
> > ./test.sh runs fine.
> > fakeroot ./test.sh hangs.
> > Debian package building stops with error message.
> >
> > RSBAC messages:
> > <6>rsbac_adf_request(): request READ_OPEN, pid 30569, ppid 30568,
> > prog_name faked, uid 1000, target_type IPC, tid Msg-ID 131075, attr n=
one,
> > value 0, result NOT_GRANTED by JAIL
> > <6>rsbac_adf_request(): request DELETE, pid 30569, ppid 30568, prog_n=
ame
> > faked, uid 1000, target_type IPC, tid Msg-ID 131075, attr none, value=
0,
> > result NOT_GRANTED by JAIL
> > <6>rsbac_adf_request(): request DELETE, pid 30569, ppid 30568, prog_n=
ame
> > faked, uid 1000, target_type IPC, tid Msg-ID 163844, attr none, value=
0,
> > result NOT_GRANTED by JAIL
> > <6>rsbac_adf_request(): request DELETE, pid 30568, ppid 30567, prog_n=
ame
> > faked, uid 1000, target_type IPC, tid Msg-ID 131075, attr none, value=
0,
> > result NOT_GRANTED by JAIL
> > <6>rsbac_adf_request(): request DELETE, pid 30568, ppid 30567, prog_n=
ame
> > faked, uid 1000, target_type IPC, tid Msg-ID 163844, attr none, value=
0,
> > result NOT_GRANTED by JAIL
>
> Seems like fakeroot tried to access an IPC object outside the jail.
> Just to check: Could you please retry with -i parameter to rsbac_jail
> (external IPC access)? It should work then, but with a big hole.
No. The above test run in a jail started with -i -v -l -a (eg. flags 21).
Another interesting thing:
After rebooting the system, when I log in to the jail via ssh and run fakeroot
/bin/bash it works. When I exit from the faked shell and try again, it
doesn't until a reboot.
Slapic
- --
Pilatus-Comp Ltd. HUNGARY * The Linux Expert * pilatuscomp@linux.co.hu
http://www.linux.co.hu * Phone: +36-1-2481816 * Fax: +36-1-2481817
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE93N5HCF6okiny5rwRAoIRAJ4nwXbfX02vdJKjw+mMa923gyhoRACcC1x/
p5b8ToTkxsK8f/crU2u0UL0=
=XZV2
-----END PGP SIGNATURE-----