[rsbac] Abou first boot with RSBAC

Bartosz Brodecki bbrodecki at cs.put.poznan.pl
Wed Apr 18 10:15:47 CEST 2007 

Hi,

I wrote your command and I don't get any error,

me question is user "secoff" has id=400 ?
beacause it is only user who may change premisson in rsbac

Bartek

Dnia środa, 18 kwietnia 2007 08:04, Tuan TRINH napisał:
> Hi all,
>
> Thanks Bartek for the answer. Yes, I know that it said I use invalid
> attribute, this command I learn from:
>
> http://www.gentoo.org/proj/en/hardened/rsbac/quickstart.xml
>
> but I would like to khow how can I use it in correct way? or how can I find
> out the root error of this?
>
> Thanks,
> TAT
>
> On 4/17/07, Bartosz Brodecki <Bartosz.Brodecki at cs.put.poznan.pl> wrote:
> > Dnia wtorek, 17 kwietnia 2007 15:37, Tuan TRINH napisał:
> > > Hi all,
> > >
> > > I have problem with first boot with RSBAC as follow:
> > >
> > > 1/ I boot the kernel with " rsbac_softmode "
> > > 2/ login with secoff
> > > 3/ and do the command " attr_set_fd AUTH FILE auth_may_setuid 1
> >
> > /bin/login
> >
> > > " but it result error : " /bin/login: error: RSBAC_EINVALIDATTR "
> > >
> > > Questions:
> > >
> > > Q1/ After booting what command I can use to know that RSBAC is enabled
> > > ? Q2/ What does this above error message mean ? And how can I resolve
> > > it ?
> > >
> > > Thank you,
> > > Tuan TRINH
> >
> > Hi,
> >
> > the command should be "attr_set_fd FILE auth_may_setuid 1 /bin/login"
> > this error say that You use invalid attribute
> >
> > about Q1 - when rsbac starting you see messages in booting proces from
> > rsbac
> > system;
> > when you have compiled in rsbac proc you see /proc/rsbac-info/ directory
> > and of course you should have some errors in /var/log/messages.
> >
> > Bartek
> > --
> > +-----------------------------
> >
> > | Bartosz Brodecki
> > | Instytut Informatyki
> > | Politechnika Poznanska
> > |
> > | Bartosz.Brodecki at cs.put.poznan.pl
> > | tel. (+48 61) 665-23-71
> >
> > +----------------------------------------------------
> >
> > _______________________________________________
> > rsbac mailing list
> > rsbac at rsbac.org
> > http://www.rsbac.org/mailman/listinfo/rsbac
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.rsbac.org/pipermail/rsbac/attachments/20070418/27321bfc/attachment.pgp

More information about the rsbac mailing list