[grsec] gradm complains about subject created by grlearn... bug?
Marc Schiffbauer
marc at schiffbauer.net
Mon Nov 29 16:26:50 EST 2004
Hi,
gradm complains about a subject created by grlearn. What is the
proper way to fix it?
pluto:~# gradm -R
Password:
Duplicate object found for "/home/chroot/dev/pts" in role root,
subject /bin/ps, on line 538 of /etc/grsec/acls/user_root.acl.
"/home/chroot/dev/pts" references the same object as the following
object(s):
/dev/pts
specified on an earlier line.The RBAC system will not load until
this error is fixed.
pluto:~#
# this is the subject:
--------------------------------------------------
subject /bin/ps o {
/ h
/dev h
/dev/null
/dev/pts/0
/dev/pts/1
/dev/tty1
/etc r
/etc/ssh h
/etc/grsec h
/etc/shadow h
/home h
/home/chroot/dev/pts/0
/lib rx
/proc r
/proc/kcore h
/proc/sys h
-CAP_ALL
+CAP_DAC_OVERRIDE
+CAP_SYS_PTRACE
bind disabled
connect disabled
}
--------------------------------------------------
Both objects have a devpts fs mounted:
pluto:~# mount | grep pts
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
devpts on /home/chroot/dev/pts type devpts (rw)
pluto:~#
--
+------------------------------------------------------------------+
| --> http://www.links2linux.de <-- |
| |
+---Registered-Linux-User-#136487------------http://counter.li.org +
More information about the grsecurity
mailing list