[rsbac] error msg ?
Andrea Pasquinucci
cesare at ucci.it
Mon Sep 25 16:48:12 CEST 2006
On Mon, Sep 25, 2006 at 04:14:47PM +0200, Amon Ott wrote:
* On Montag 25 September 2006 16:03, Andrea Pasquinucci wrote:
* > Some days ago I installed a new server with rsbac-1.2.8 and every
* time I
* > was setting a new RC rule (in Softmode also) I was getting an error
* > message similar to the following one
* >
* > <7>0000000644|check_comp_rc(): pid 2457 (attr_set_file_d), owner
* 400,
* > rc_role 1, DIR rc_type 3, request MODIFY_ATTRIBUTE -> NOT_GRANTED!
* >
* > All rules have been installed and work correctly, and no error
* messages
* > of other type appeared in the log. I don't understand...
*
* This is a message from rsbac_debug_adf_rc. Your role 1 does not have
* MODIFY_ATTRIBUTE right to FD type 3, but probably admin_type
* role_admin. So the request gets granted because of the admin_type.
You are right. In this case I added rsbac_debug_adf_rc to the boot
options from the beginning, before I added it after rsbac configuration.
Thanks, Andrea
--
Andrea Pasquinucci cesare at ucci.it
PGP key: http://www.ucci.it/ucci_pub_key.asc
fingerprint = 569B 37F6 45A4 1A17 E06F CCBB CB51 2983 6494 0DA2
More information about the rsbac
mailing list