[rsbac] upgrade to 1.2.5
Amon Ott
ao at rsbac.org
Fri Nov 18 09:06:39 CET 2005
On Donnerstag 17 November 2005 20:20, Andrea Pasquinucci wrote:
> I just made an upgrade from 1.2.4 to 1.2.5 of a little bit
complicated
> machine. I solved all new controls, but the following two remain,
even
> if all seems to be working fine also in enforcing mode:
>
> Thu Nov 17 17:00:55 2005 :<6>0000000069|rsbac_adf_request(): request
> GET_STATUS_DATA, pid 332, ppid 4, prog_name udev,
prog_file /bin/udev,
> uid 0, target_type SCD, tid sysfs, attr owner, value 0, result
> NOT_GRANTED (Softmode) by RC
> Thu Nov 17 17:01:15 2005 :<6>0000000252|rsbac_adf_request(): request
> MODIFY_SYSTEM_DATA, pid 1834, ppid 1833, prog_name cupsd, prog_file
> /usr//sbin/cupsd, uid 0, target_type NETOBJ, tid cdbe5240 INET
STREAM
> proto TCP local 0.0.0.0:0 remote 0.0.0.0:0, attr setsockopt_level,
value
> 1, result NOT_GRANTED (Softmode) by RC
udev probably runs with the boot role, not that of a certain user '0'.
cupsd should have its own role. If not, it might have boot role, too.
Please enable rsbac_debug_adf_rc to see all roles and types involved,
just add this kernel parameter when booting.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
More information about the rsbac
mailing list