[rsbac] Problem with RSBAC 1.2.4 pre3 and Kernel 2.4.27
Patrique Wolfrum
Patrique.Wolfrum at vwl.uni-freiburg.de
Mon Dec 20 15:26:11 CET 2004
Hello Amon,
thank you for your quick reply.
>>rsbac_adf_request(): request MODIFY_SYSTEM_DATA, pid 1645, ppid 1628, prog_name bash, uid 0, audit_uid, target type PROCESS, tid 1645, attr kernel_thread, value 0, result NOT_GRANTED by ACL
>>
>>
>
>This is setting the priority of a process. You can grant this right
>without problems.
>
>
I tried to find this setting, but I could't find it. Could you please
give me hint where to look it ?
>>Another thing is, that the Administration Tools seem to work a bit
>>buggy, since I often can't change a 'Def Process Create Type' setting in the RC_Roles screen. Either I get 'RSBAC_EINVALID_VALUE' or the value isn't changed at all (after setting a new value, the old still is
>>displayed as the actual value). This is rather annoying, since some
>>roles seem to have set themselves wrong values for the 'Def Process
>>Create Type' setting, so they can't create a process anymore and RSBAC gives out a error message in the log about it, but I can't do anything to correct this problem.
>>
>>
>
>It seems as if the old values caused the problem. Have you tried the
>command line tool rc_set_item, or only the menu?
>
>
Until I received your message, I just tried it via the menu. The
commandline I used for rc_set_item was 'rc_set_item -v ROLE 501
def_process_create_type 65' and I received 'RSBAC_EINVALIDVALUE'.
With best regards.
Patrique Wolfrum
--
Patrique Wolfrum
Administrator - Fakultätsserver
Albert-Ludwigs-Universität Freiburg im Breisgau
Institut für allgemeine Wirtschaftsforschung
Abteilung für Wirtschaftsinformatik
Kollegiengebäude II
Platz der Alten Synagoge
79085 Freiburg
Tel.: 0761 - 203-2397
More information about the rsbac
mailing list