[rsbac] Problem with RSBAC 1.2.4 pre3 and Kernel 2.4.27

Patrique Wolfrum Patrique.Wolfrum at vwl.uni-freiburg.de
Mon Dec 20 14:54:09 CET 2004 

Hello,

as written in my last messages, I had problems getting RSBAC 1.2.3 
working with my existing installation (RSBAC Admintools weren't able to 
display the existing RC_Roles and RC_FDs). As I was goint to test 
several diagnostic steps, which Amon Ott emailed to me last week, 
suddenly the RSBAC Admintools 1.2.4 pre3, which I tried after a 
suggestion from Amon Ott in case some bug in RSBAC 1.2.3 was causing the 
describe behaviour), displayed all RC_Roles and RC_FDs. As it seemed to 
be working now, I added the boot-role and adjusted several other roles 
accordingly. In Softmode the system booted ,after several corrections to 
the bootrole correctly. Without the softmode, mingetty and the bash 
started to be quite troublesome, since they insisted to make a call 
which RSBAC denied:

rsbac_adf_request(): request MODIFY_SYSTEM_DATA, pid 1645, ppid 1628, 
prog_name bash, uid 0, audit_uid, target type PROCESS, tid 1645, attr 
kernel_thread, value 0, result NOT_GRANTED by ACL

Another thing is, that the Administration Tools seem to work a bit 
buggy, since I often can't change a 'Def Process Create Type' setting in 
the RC_Roles screen. Either I get 'RSBAC_EINVALID_VALUE' or the value 
isn't changed at all (after setting a new value, the old still is 
displayed as the actual value). This is rather annoying, since some 
roles seem to have set themselves wrong values for the 'Def Process 
Create Type' setting, so they can't create a process anymore and RSBAC 
gives out a error message in the log about it, but I can't do anything 
to correct this problem.

Can anyone please give me a hint, how to solve these problems ?

Thank you very much in advance.

With best regards.
    Patrique Wolfrum

-- 
Patrique Wolfrum
Administrator - Fakultätsserver

Albert-Ludwigs-Universität Freiburg im Breisgau
Institut für allgemeine Wirtschaftsforschung
Abteilung für Wirtschaftsinformatik
Kollegiengebäude II
Platz der Alten Synagoge
79085 Freiburg

Tel.: 0761 - 203-2397

More information about the rsbac mailing list