[rsbac] How to set target_type FILE Path socket:/[25924]

Amon Ott ao at rsbac.org
Thu Apr 29 12:59:23 CEST 2004

On Thursday 29 April 2004 12:47, Thomas Mueller wrote:
> I reduced the FD rights of every process to its required minimum using 
> RC model. Now I have only left for example:
> Apr 29 12:15:28 geht-schon kernel: rsbac_adf_request(): request
> GET_STATUS_DATA, pid 539, ppid 1, prog_name exim4, uid 105, target_type
> FILE, tid Device 00:04 Inode 25924 Path socket:/[25924], attr none, value
> 0, result NOT_GRANTED by GEN RC
> How can I set these rights?
> attr_set_file_dir FD socket:/ ...
> 'target_type FILE' means I have to set the rights using 
> FD' ?

This is in socketfs, a special filesystem to keep sockets. Its files will 
always have RC type 0. If you want to treat them differently, create a new 
type "fs default", copy all rights to type 0 to the new type, and assign 
it to /. Then you can grant rights to type 0 to cover these special 

http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22

More information about the rsbac mailing list