[grsec] gradm2 2.0.1 and grsec 2.0.1 bug with enabling RBAC

[Peter S. Mazinger]

On Sat, 30 Oct 2004, Laszlo 'GCS' Boszormenyi wrote:

> Hi all,
> 
> * Marek Habersack <grendel at caudium.net> [2004-10-30 01:25:44 +0200]:
> 
> > I have used the debian package for gradm2 and the patch downloaded from the
> > grsecurity site to build my own kernel. I have assumed the utility was built
> > for debian with the proper grsecurity patch version, apparently this is not
> > the case. I have recompiled gradm by hand on the machine I ran the tests on
> > - it works perfectly now. I will file a bug against the utility in debian,
> > thanks a lot and sorry for the confusion - I should have checked all the
> > possibilities.
>  As the maintainer of grsecurity related packages in debian, I find this
> situation a bit confusing. I run grsecurity2 and gradm2 here, and with
> the 2.6 series kernel, it is working. But yes, I could reproduce the bug
> Marek reported if I switch back to 2.4.27 on the same machine where it
> works with 2.6. My assumption was that the same gradm2 binary would work
> with both kernel series, which is obviously wrong as it isn't. Brad, is
> it possible to make a single gradm2 which works for both kernels? If
> not, and I have to ship two gradm2 binaries, then how should I name
> them?
>  Also, why the gradm2 needs to be compiled under a grsecurity enabled
> kernel? I think the necessary bits should be in gradm2, and with an
> autodetect or configure switch should be enabled the 2.4/2.6 support
> (given with the mess of 2.6, it would default to 2.4).

There is some check in sources looking if it is built against 2.4 or 2.6 
headers, gradm2 will be ok for the same kernel as the used kernel-headers.

Peter

-- 
Peter S. Mazinger <ps dot m at gmx dot net>           ID: 0xA5F059F2
Key fingerprint = 92A4 31E1 56BC 3D5A 2D08  BB6E C389 975E A5F0 59F2