[rsbac] secoff can't change anything

Thomas Mueller news-exp-jun04 at tmueller.com
Thu Apr 8 00:20:54 CEST 2004


Hi,

suddenly (at least I'm not aware of any changes I might have done) my
secoff can't change anything. Whatever I do I get errors like this one (in
softmode):

attr_set_file_dir FD /bin/login rc_force_role 5
leads to:
Apr  7 23:51:27 geht-schon kernel: rsbac_adf_request(): request
MODIFY_ATTRIBUTE, pid 1254, ppid 1105, prog_name attr_set_file_d, uid 400,
target_type FILE, tid Device 03:05 Inode 64647 Path /bin/login, attr
rc_force_role, value 5, result NOT_GRANTED by GEN RC

When using rsbac_menu I get messages like this one:
Apr  7 23:44:58 geht-schon kernel: rsbac_rc_sys_get_item(): getting item
of role 1 denied for pid 1197, user 400 - not in admin_roles!

I'm running kernel 2.6.4 with RSBAC 1.2.3pre4.

I've uploaded my kernel config and rsbac
settings to http://www.tmueller.com/rsbac.tgz if that helps.


Thomas
-- 
http://www.tmueller.com for pgp key (95702B3B)



More information about the rsbac mailing list