[rsbac] upgrade to 1.2.5

Amon Ott ao at rsbac.org
Fri Nov 18 09:06:39 CET 2005

On Donnerstag 17 November 2005 20:20, Andrea Pasquinucci wrote:
> I just made an upgrade from 1.2.4 to 1.2.5 of a little bit 
> machine. I solved all new controls, but the following two remain, 
> if all seems to be working fine also in enforcing mode:
> Thu Nov 17 17:00:55 2005 :<6>0000000069|rsbac_adf_request(): request 
> GET_STATUS_DATA, pid 332, ppid 4, prog_name udev, 
prog_file /bin/udev, 
> uid 0, target_type SCD, tid sysfs, attr owner, value 0, result 
> NOT_GRANTED (Softmode) by RC

> Thu Nov 17 17:01:15 2005 :<6>0000000252|rsbac_adf_request(): request 
> MODIFY_SYSTEM_DATA, pid 1834, ppid 1833, prog_name cupsd, prog_file 
> /usr//sbin/cupsd, uid 0, target_type NETOBJ, tid cdbe5240 INET 
> proto TCP local remote, attr setsockopt_level, 
> 1, result NOT_GRANTED (Softmode) by RC

udev probably runs with the boot role, not that of a certain user '0'. 
cupsd should have its own role. If not, it might have boot role, too.

Please enable rsbac_debug_adf_rc to see all roles and types involved, 
just add this kernel parameter when booting.

http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22

More information about the rsbac mailing list