[grsec] gradm2 2.0.1 and grsec 2.0.1 bug with enabling RBAC
Marek Habersack
grendel at caudium.net
Fri Oct 29 19:25:44 EDT 2004
On Fri, Oct 29, 2004 at 06:58:36PM -0400, spender at grsecurity.net scribbled:
> > grsec: From 192.168.24.68: Fatal: Unable to find ACL for (init:1)
> > grsec: From 192.168.24.68: Unable to load grsecurity 2.0.1 for
> > /sbin/gradm2[gradm2:5393] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:23036] uid/euid:0/0 gid/egid:0/0 RBAC system may already be enabled.
> > grsec: gracl.c:2907: returning 1
>
> The only time this happens is when the structures in userspace don't
> match those in the kernel (and yet the structure size is the same). Did
> you compile gradm after you were running the grsec kernel, using header
> files from the grsec kernel, and not some other kernel?
I have used the debian package for gradm2 and the patch downloaded from the
grsecurity site to build my own kernel. I have assumed the utility was built
for debian with the proper grsecurity patch version, apparently this is not
the case. I have recompiled gradm by hand on the machine I ran the tests on
- it works perfectly now. I will file a bug against the utility in debian,
thanks a lot and sorry for the confusion - I should have checked all the
possibilities.
thanks again,
marek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://grsecurity.net/pipermail/grsecurity/attachments/20041030/76cddd8a/attachment.pgp
More information about the grsecurity
mailing list