I am using gradm 3.0 with kernel 3.13.6 (specifically, Gentoo 3.13.6-hardened-r3). I experience very odd behavior. On a remote machine I entered full learning mode, ssh-ed to the machine a couple of times on several accounts, deactivated RBAC and generated a policy from the learning logs. Then I activated RBAC, but something is wrong: when I ssh to the machine, I get the shell prompt and that's it - I cannot enter anything, I cannot even terminate the session with ".~" as usual. However, any ssh session that was opened before activating RBAC continues to work fine. Even more amazing: when I deactivate RBAC, the ssh sessions remain stuck - the terminal is completely dead. However, when I terminate the ssh session locally using kill, then everything that I typed into the session is executed locally.
Any suggestions?
Here it is:
The learner adds
bind disabled
connect disabled
for sshd, which is wrong. It should be
bind 0.0.0.0/32:22 stream tcp
connect disabled