[rsbac] ADF
Amon Ott
ao at rsbac.org
Wed Feb 23 20:36:40 CET 2005
On Mittwoch 23 Februar 2005 20:27, Mateusz Szczyrzyca wrote:
> CONFIG_RSBAC_UM_EXCL=y
[...]
>
> After compilation and instalation, i boot up new kernel with
rsbac_softmode
> parameter and grant privileges auth_may_setuid to /bin/login
> When system booting without softmode i trying login:
>
> Feb 23 20:13:32 debian kernel: rsbac_adf_request(): request
> CHANGE_GROUP, pid 3688, ppid 1, prog_name login,
prog_file /bin/login,
> uid 0, audit_uid 0, target_type PROCESS, tid 3688, attr group, value
> 1002, result NOT_GRANTED by ADF
> Feb 23 20:13:32 debian kernel: rsbac_adf_request(): gid 1002 not
known
> to RSBAC User Management!
> Feb 23 20:13:32 debian kernel: rsbac_adf_request(): request
> CHANGE_GROUP, pid 3688, ppid 1, prog_name login,
prog_file /bin/login,
> uid 0, audit_uid 0, target_type PROCESS, tid 3688, attr group, value
> 1002, result NOT_GRANTED by ADF
> Feb 23 20:13:32 debian kernel: rsbac_adf_request(): uid 20 not known
to
> RSBAC User Management!
> Feb 23 20:13:32 debian kernel: rsbac_adf_request(): request
> CHANGE_OWNER, pid 3688, ppid 1, prog_name login,
prog_file /bin/login,
> uid 0, audit_uid 0, target_type PROCESS, tid 3688, attr owner, value
20,
> result NOT_GRANTED by ADF
You are running RSBAC user management in exclusive mode, so you can
only reach uids known to RSBAC user management. Either disable
permanently in kernel config or temporarily with rsbac_um_no_excl
kernel parameter.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
More information about the rsbac
mailing list