[rsbac] rsbac 1.2.1 - problem with X configuration?

Amon Ott rsbac@rsbac.org
Mon Sep 30 09:20:01 2002

Previous message: [rsbac] rsbac 1.2.1 - problem with X configuration?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sunday, 29. September 2002 17:20, Karel.Divis@worldmail.cz wrote:
>   I cannot run X as a common user with RSBAC 1.2.1, even though the "X 
support (normal user ...)" kernel configuration option is on. Error messages 
of both X and RSBAC are same as the option was not set.
> 
> X error message:
> *************************************
> (EE) ATI(0): Cannot open /dev/mem
> 
> Fatal server error:
> xf86MapVidMem: failed to open /dev/mem (Operation not permitted)
> **************************************
> 
> RSBAC error message:
> *************************************
> Sep 29 16:47:02 vltava kernel: rsbac_adf_request(): request 
GET_STATUS_DATA, pid 1120, ppid 1119, prog_name X, uid 500, target_type SCD, 
tid kmem, attr none, value 0, result NOT_GRANTED by RC ACL
> Sep 29 16:47:02 vltava last message repeated 2 times
> *************************************

Some stupidly designed X servers access kernel memory (!) to generate 
random values. All you can do here is either use another X server or assign a 
new RC role 'X server' with sufficient rights as initial role to your X 
server binary.

Amon.
--
http://www.rsbac.org

Previous message: [rsbac] rsbac 1.2.1 - problem with X configuration?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]