[rsbac] Role for initrd(linuxrc) and oops in logs

Rob See rob at rsee.net
Mon Jul 12 18:01:25 CEST 2004 

Amon,

>> 	What role should the linuxrc script on the initrd be running under ? 
>> I
>> was sort of expecting that is should be under the new System Boot 
>> role,
>
> This was my expectation, too. There is a loop running through all 
> existing
> processes at init time, which sets the role and type.
>
> Is it limited to this process, or do the other boot processes also run 
> with
> the wrong role?

	Init seems to have the right role (999999)
>
> Is there any log entry by rsbac_do_init() at init time that says a 
> def_role
> attribute could not be read?
Nope, doesn't look like it. Here is the log:
rsbac_mount(): forcing delayed RSBAC init on DEV 254:00, matching 
254:00!
rsbac_do_init(): Initializing RSBAC v1.2.3
rsbac_do_init(): compiled modules: REG FF RC AUTH ACL CAP JAIL RES PAX
rsbac_do_init(): Initializing memory slabs
rsbac_do_init(): Registering RSBAC proc dir
rsbac_do_init(): Initializing generic lists
rsbac_init_debug(): Initializing
rsbac_softmode is set
rsbac_delayed_root is 254:0
rsbac_debug_aef_rc is set
rsbac_debug_adf_rc is set
rsbac_do_init(): reading FD attributes from root dev
rsbac_init_rc(): Initializing RSBAC: RC subsystem
rsbac_init_auth(): Initializing RSBAC: AUTH subsystem
rsbac_do_init(): auth_enable_login is set: setting auth_may_setuid for 
/bin/logi
n
rsbac_init_acl(): Initializing RSBAC: ACL subsystem
rsbac_init_acl(): Group list empty on dev 254:00!
rsbac_init_acl(): Group membership list empty on dev 254:00!
rsbac_reg_init(): Initializing RSBAC: REG module and syscall 
registration
rsbac_do_init(): Forcing consistency check.
rsbac_check(): Device 254:00 has 3 file/dir items (0 removed due to bad 
inodes)
rsbac_check(): Device 01:00 has 0 file/dir items (0 removed due to bad 
inodes)
rsbac_check(): Sum of 2 Devices with 3 fd-items
rsbac_check_auth(): Device 254:00 has 2 file/dir AUTHs (0 removed (0 
bad inodes,
  0 dtimed inodes, 0 had no members and default mask), 0 unlinked inodes)
rsbac_check_auth(): Device 01:00 has 0 file/dir AUTHs (0 removed (0 bad 
inodes,
0 dtimed inodes, 0 had no members and default mask), 0 unlinked inodes)
rsbac_check_auth(): Sum of 2 Devices with 2 file/dir AUTHs
rsbac_check_auth(): Total of 2 registered auth items
rsbac_check_acl(): 0 group membership items
rsbac_check_acl(): 0 group items
rsbac_check_acl(): Device 254:00 has 0 file/dir ACLs (0 removed (0 bad 
inodes, 0
  dtimed inodes, 0 had no members and default mask), 0 unlinked inodes)
rsbac_check_acl(): Device 01:00 has 0 file/dir ACLs (0 removed (0 bad 
inodes, 0
dtimed inodes, 0 had no members and default mask), 0 unlinked inodes)
rsbac_check_acl(): Sum of 2 Devices with 0 file/dir ACLs
rsbac_check_acl(): 0 device items
rsbac_check_acl(): 17 SCD items
rsbac_check_acl(): 0 network device items
rsbac_check_acl(): 0 network template NT items
rsbac_check_acl(): 7 network template items
rsbac_check_acl(): 0 network object items
rsbac_check_acl(): Total of 24 registered ACLs
rsbac_do_init(): Ready.
rsbacd(): Initializing.
rsbac_init(): Started rsbacd thread with pid 212
rsbac_init(): Adjusting attributes of existing processes
rsbac_init(): Ready.
rsbac_free_dat_dentry(): freeing dat dir dentries
rsbac_get_attr(): auto-mounting device 00:00
rsbac_get_attr(): auto-mounting device 00:03
>

Thanks,

-Rob
------------------------------------------------------------------
Rob See
Systems Administrator
Systems Management and Operations
University at Albany
------------------------------------------------------------------

More information about the rsbac mailing list