[rsbac] apache2: error -1018

Intzoglu István intzi at vim.hu
Mon Aug 27 12:21:07 CEST 2007 

Hi Amon,

Here is my log of shutdown:

Aug 27 11:50:31 debian shutdown[4489]: shutting down for system halt
Aug 27 11:50:31 debian init: Switching to runlevel: 0
Aug 27 11:50:32 debian kernel: 0000000096|rsbac_get_attr(): auto-mounting device 00:07
Aug 27 11:50:32 debian kernel: 0000000097|rsbac_adf_request_daz(): rsbac_get_attr() returned error!
Aug 27 11:50:32 debian kernel: 0000000098|rsbac_acl_get_single_right(): Could not lookup device, blindly granting access!
Aug 27 11:50:32 debian kernel: 0000000099|rsbac_adf_request(): request CLOSE, pid 4475, ppid 4428, prog_name apache2, prog_fi
le /usr/sbin/apache2, uid 33, target_type FILE, tid Device 00:07 Inode 455 Path anon_inode:/anon_inode:/[eventpoll], attr f_mo
de, value 3, result UNDEFINED by ADF
Aug 27 11:50:32 debian kernel: 0000000100|reset_scanned(): rsbac_set_attr() for daz_scanned on device 00:07 inode 455 returne
d error!
Aug 27 11:50:32 debian kernel: 0000000101|rsbac_adf_set_attr_daz(): rsbac_get_attr() returned error!
Aug 27 11:50:32 debian kernel: 0000000102|rsbac_adf_set_attr(): request CLOSE, pid 4475, uid 33, audit_uid 33, target_type FI
LE, tid Device 00:07 Inode 455 Path anon_inode:/anon_inode:/[eventpoll], new_target_type NONE, new_tid NONE, attr f_mode, valu
e 3, error -1003
Aug 27 11:50:32 debian kernel: 0000000103|filp_close() [sys_close]: rsbac_adf_set_attr() returned error
Aug 27 11:50:32 debian kernel: 0000000104|rsbac_adf_request_daz(): rsbac_get_attr() returned error!
Aug 27 11:50:32 debian kernel: 0000000105|rsbac_acl_get_single_right(): Could not lookup device, blindly granting access!
Aug 27 11:50:32 debian kernel: 0000000106|rsbac_adf_request(): request CLOSE, pid 4474, ppid 4428, prog_name apache2, prog_fi
le /usr/sbin/apache2, uid 33, target_type FILE, tid Device 00:07 Inode 455 Path anon_inode:/anon_inode:/[eventpoll], attr f_mo
de, value 3, result UNDEFINED by ADF
Aug 27 11:50:32 debian kernel: 0000000107|reset_scanned(): rsbac_set_attr() for daz_scanned on device 00:07 inode 455 returne
d error!
Aug 27 11:50:32 debian kernel: 0000000108|rsbac_adf_set_attr_daz(): rsbac_get_attr() returned error!
Aug 27 11:50:32 debian kernel: 0000000109|rsbac_adf_set_attr(): request CLOSE, pid 4474, uid 33, audit_uid 33, target_type FI
LE, tid Device 00:07 Inode 455 Path anon_inode:/anon_inode:/[eventpoll], new_target_type NONE, new_tid NONE, attr f_mode, valu
e 3, error -1003
Aug 27 11:50:32 debian kernel: 0000000110|filp_close() [sys_close]: rsbac_adf_set_attr() returned error
Aug 27 11:50:32 debian kernel: 0000000111|rsbac_adf_request_daz(): rsbac_get_attr() returned error!
Aug 27 11:50:32 debian kernel: 0000000112|rsbac_acl_get_single_right(): Could not lookup device, blindly granting access!
Aug 27 11:50:32 debian kernel: 0000000113|rsbac_adf_request(): request CLOSE, pid 4473, ppid 4428, prog_name apache2, prog_fi
le /usr/sbin/apache2, uid 33, target_type FILE, tid Device 00:07 Inode 455 Path anon_inode:/anon_inode:/[eventpoll], attr f_mo
de, value 3, result UNDEFINED by ADF
Aug 27 11:50:32 debian kernel: 0000000114|reset_scanned(): rsbac_set_attr() for daz_scanned on device 00:07 inode 455 returne
d error!
Aug 27 11:50:32 debian kernel: 0000000115|rsbac_adf_set_attr_daz(): rsbac_get_attr() returned error!
Aug 27 11:50:32 debian kernel: 0000000116|rsbac_adf_set_attr(): request CLOSE, pid 4473, uid 33, audit_uid 33, target_type FI
LE, tid Device 00:07 Inode 455 Path anon_inode:/anon_inode:/[eventpoll], new_target_type NONE, new_tid NONE, attr f_mode, valu
e 3, error -1003
Aug 27 11:50:32 debian kernel: 0000000117|filp_close() [sys_close]: rsbac_adf_set_attr() returned error
Aug 27 11:50:32 debian kernel: 0000000118|rsbac_adf_request_daz(): rsbac_get_attr() returned error!
Aug 27 11:50:32 debian kernel: 0000000119|rsbac_acl_get_single_right(): Could not lookup device, blindly granting access!
Aug 27 11:50:32 debian kernel: 0000000120|rsbac_adf_request(): request CLOSE, pid 4472, ppid 4428, prog_name apache2, prog_fi
le /usr/sbin/apache2, uid 33, target_type FILE, tid Device 00:07 Inode 455 Path anon_inode:/anon_inode:/[eventpoll], attr f_mo
de, value 3, result UNDEFINED by ADF
Aug 27 11:50:32 debian kernel: 0000000121|reset_scanned(): rsbac_set_attr() for daz_scanned on device 00:07 inode 455 returne
d error!
Aug 27 11:50:32 debian kernel: 0000000122|rsbac_adf_set_attr_daz(): rsbac_get_attr() returned error!
Aug 27 11:50:32 debian kernel: 0000000123|rsbac_adf_set_attr(): request CLOSE, pid 4472, uid 33, audit_uid 33, target_type FI
LE, tid Device 00:07 Inode 455 Path anon_inode:/anon_inode:/[eventpoll], new_target_type NONE, new_tid NONE, attr f_mode, valu
e 3, error -1003
Aug 27 11:50:32 debian kernel: 0000000124|filp_close() [sys_close]: rsbac_adf_set_attr() returned error
Aug 27 11:50:32 debian postfix/master[4299]: terminating on signal 15
Aug 27 11:50:34 debian syslog-ng[4145]: SIGTERM received, terminating;
Aug 27 11:50:34 debian syslog-ng[4145]: syslog-ng shutting down; version='2.0.0'


Monday, August 27, 2007, 12:00:08 PM, you wrote:
> ----------------------------------------------------------------------

> Message: 1
> Date: Mon, 27 Aug 2007 01:29:21 +0200
> From: Intzoglu Istv?n <intzi at vim.hu>
> Subject: [rsbac] apache2: error -1018
> To: rsbac at rsbac.org
> Message-ID: <1854607771.20070827012921 at vim.hu>
> Content-Type: text/plain; charset=us-ascii

> Hi all!

> First of all I'm new to rsbac and in spite of fact that everything
> seems work fine! except this:

> Starting web server (apache2)...0000000086|rsbac_adf_set_attr():
> request CREATE, pid 4412, uid 0, audit_uid 0,
> target_type IPC, tid Sem-ID 0, new_target_type NONE, new_tid NONE, attr none, value 0, error -1018
> 0000000087|newary() [sys_semget()]: rsbac_adf_set_attr() returned error<7>

> when I shutdown the computer:

> 0000000132|rsbac_adf_request(): request CLOSE, pid 4461, ppid 4420,
> prog_name apache2, prog_file /usr/sbin/apache2, uid 33,
> target_type FILE, tid Device 00:07 Inode 455 Path
> anon_inode:/anon_inode:/[eventpoll], attr f_mode, value 3, result UNDEFINED by ADF

> aside from these errors apache2 run fine!

> whats wrong? what is missing? :-/

> -- 
> Best regards,
>  Intzi                          mailto:intzi at vim.hu



> ------------------------------

> Message: 2
> Date: Mon, 27 Aug 2007 08:53:01 +0200
> From: Amon Ott <ao at rsbac.org>
> Subject: Re: [rsbac] apache2: error -1018
> To: RSBAC Discussion and Announcements <rsbac at rsbac.org>
> Message-ID: <200708270853.01717.ao at rsbac.org>
> Content-Type: text/plain; charset="iso-8859-1"

> On Monday 27 August 2007 01:29, Intzoglu Istv?n wrote:
>> First of all I'm new to rsbac and in spite of fact that everything
>> seems work fine! except this:
>>
>> Starting web server (apache2)...0000000086|rsbac_adf_set_attr():
>> request CREATE, pid 4412, uid 0, audit_uid 0, target_type IPC, tid
>> Sem-ID 0, new_target_type NONE, new_tid NONE, attr none, value 0,
>> error -1018 0000000087|newary() [sys_semget()]:
>> rsbac_adf_set_attr() returned error<7>

> It seems that Sem IDs may legally be 0, so the check is wrong here. 
> The attached patch disables the check in this case, it is already in 
> svn.

>> when I shutdown the computer:
>>
>> 0000000132|rsbac_adf_request(): request CLOSE, pid 4461, ppid 4420,
>> prog_name apache2, prog_file /usr/sbin/apache2, uid 33, target_type
>> FILE, tid Device 00:07 Inode 455 Path
>> anon_inode:/anon_inode:/[eventpoll], attr f_mode, value 3, result
>> UNDEFINED by ADF

> Any other RSBAC log messages around that message? UNDEFINED should 
> never happen with CLOSE on FILE targets, even on a pseudo fs.

> Amon.



-- 
Best regards,
 Intzi                            mailto:intzi at vim.hu

More information about the rsbac mailing list