[rsbac] rsbac_auditor_rol

Javier J. Martínez Cabezón tazok.id0 at gmail.com
Sat Jan 31 11:21:00 CET 2009

Well, seems that this is controlled by "AUTH Role" for USER, I think
it would be useful to put this flag in roles too and not only in
users. I have for example one force role that makes all logging
granted to syslog-ng. If I'm not wrong AUTH search if this flag is
switched to secoff or auditor to grant the access to rsbac_log. It
depend of the existance of a user with this switch. Adding it to roles
instead users would be better in my opinion.

2009/1/31 Javier J. Martínez Cabezón <tazok.id0 en gmail.com>:
> Hi, I have seen in the logs that access to GET_STATUS_DATA to SCD
> target rsbac_log is denied by AUTH. As seen in the source code in
> auth_main.c is hardcoded that only the roles of auditor or secoff has
> this rights granted. I think it would be useful to have a switch in
> the kernel that we could select the auditor role "number" (as the
> secoff uid in .config) and not depend on name at first (if someone
> create one role with the same name I think it could be dangerous). Now
> I can make an rc_copy_rol from my syslog role (8)  to auditor one (3)
> but I think that other solution could be more proper.

More information about the rsbac mailing list