[rsbac] RSBAC kernel hangs while booting

Amon Ott ao at rsbac.org
Wed Mar 29 09:07:37 CEST 2006


On Dienstag 28 März 2006 18:41, Tigran S. Avanesov wrote:
> I have linux-2.6.14 kernel, 
> and debian patch "buslogic-pci-id-table.patch" on it.
> After patching with linux-2.6.14-rsbac-1.2.5.1.patch and compiling, 
linux very 
> often fails to boot (hangs) with error like
> .............
> [<c014cf49>] 	auto_read+0x59/0x60
> .......			do_page_fault+....
> .... 			rsbac_adf_request_mac+....
> etc.
> 
> But sometimes it boots ok

Does it boot with MAC disabled?
 
> while booting it prints a lot of errors like
>   00000000193|rsbac_adf_request(): request CHANGE_OWNER, pid 1585, 
ppid 1, 
> prog_name busybox, prog_file /bin/busybox, uid 0, target_type 
PROCESS, tid 
> 1585, attr owner, value 0, result NOT_GRANTED by AUTH

This means that the AUTH module is doing its job: It does not allow 
setuid (CHANGE_OWNER), if the program is not allowed to. I wonder why 
your RSBAC is already initialized when running busybox from initrd, 
though. It should not.
 
> Some config parameters:
> CONFIG_RSBAC_INIT_THREAD=y
> CONFIG_RSBAC_INIT_DELAY=y
> 
> As far as I understand,  /bin/busybox - is from initrd (I 
renamed /bin/busybox 
> from root filesystem, but errors were the same)
> Settings in rsbac_menu I changed were only for /bin/login -AUTH May 
Setuid

Please try setting kernel parameter rsbac_delayed_root=3 or whatever 
is the major number of your root partition.

Amon.
-- 
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22


More information about the rsbac mailing list