[rsbac] Losing settings at reboot
Amon Ott
ao at rsbac.org
Sat Sep 27 22:24:01 MEST 2003
Am Sonntag, 28. September 2003 10:56 schrieb Samuli Kärkkäinen:
> It seems to me that when I reboot the system, not all rsbac settings get
> always restored properly. For instance currently my secoff user lacks any
> extra privileges (which I noticed _after_ switching softmode on ...). I'm
> quite certain I haven't made that change myself. In the beginning of my
> rsbac experimenting, all or most of the settings were gone after a reboot,
> but I ignored that as I assumed I somehow caused it myself (which could be
> true). Could it be that an unclean shutdown could cause this somehow?
Normally, all RSBAC settings are flushed to disk regularly after each change.
If for some reason this saving fails, they are again flush on umount. A hard
shutdown without sync can certainly fail to get them saved to disk, or fail
to transfer them from ext3 journal to disk.
Loosing previous attributes, specially predefined attributes like secoff's
rights, can only happen if there is a broken attribute file on disk.
You can check whether the lists have been saved if you look at the dirty flags
in /proc/rsbac-info/gen-lists. Please also have a closer look if you get
error messages about read problems during RSBAC init.
Amon.
More information about the rsbac
mailing list