[rsbac] rsbac_jail ipc problem

Thomas Mueller news-exp-jul05 at tmueller.com
Thu Jul 7 14:50:56 CEST 2005


I have a rsbac_jail with hammerhead, a http server stress test programm.

When a user logs in I call sudo to start the jail where I use su to
switch back to the user (sounds weird but works great :) ):

sudo ${JAIL} -l -i -r -a -R /var/local/home/chroot/ -I ${FORCEIP} -C
${FORCECAP} /bin/su - $USER

The problem is that hammerhead doesn't work without -i:

Jul  7 11:02:48 geht-schon kernel: rsbac_adf_request(): request
READ_WRITE_OPEN, pid 29705, ppid 26372, prog_name hammerhead, prog_file
/var//local/home/chroot/usr/bin/hammerhead, uid 20001, audit_uid 20001,
target_type IPC, tid Shm-ID 524293, attr none, value none, result

The only IPC that makes sense is between hammerhead childs so this is
within the jail and '-i' shouldn't be required? Is it possible that
rsbac_jail misdetects the IPC as going outside?

I use kernel with rsbac 1.2.4.


More information about the rsbac mailing list