[rsbac] RC Problem with klog and syslogd
Amon Ott
ao at rsbac.org
Wed Oct 31 11:56:36 CET 2007
On Wednesday 31 October 2007 11:29, 1-IT-4-HOSP wrote:
> Amon Ott schrieb Am 30.10.2007 17:46:
> > This means that the RSBAC inheritance code does not work
> > correctly. What filesystem type is /dev? What exact kernel
> > sources do you use?
>
> Filesystem is udev on /dev type tmpfs.
> Kernel is 2.6.22.1 from kernel.org with
> "patch-linux-2.6.22.1-rsbac-1.3.5", "rsbac-common-1.3.5" and
> "rsbac-admin-1.3.5"
Can you please retry with
http://download.rsbac.org/kernels/1.3.6/2.6.23.1/linux-2.6.23.1-rsbac-1.3.6.tar.bz2 ?
> > Here we come to the clue: You enabled "Check partner process" in
> > the kernel config. You need to allow RECEIVE for role 4 to
> > PROCESS type 0 (type_comp_process).
> > This is what comes as a result. With the partner process check,
> > there are actually two requests in one.
>
> You're completely right! With this permission it works fine. Thank
> you very much :-)
> Should I disable "Check partner process" with the next version I
> compile?
These extra checks are fine, if you want better separation. Just keep
in mind that more rights have to be given.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
More information about the rsbac
mailing list