learning mode - 2.0rc3, can't create per subject acls?
Posted: Thu Sep 18, 2003 3:17 pm
Hi all!
I'm having problems while trying to create some subject acls.
My "acl" file is the standard one (with some extra restrictions) and at the end (still in the default acl) I have this block:
subject /usr/sbin/sshd lo
/ h
-CAP_ALL
connect disabled
bind disabled
I enable the ACL system with gradm -L /tmp/sshd -E
I start/stop the sshd service, log in, log out, etc, etc...
I can see the /tmp/sshd file size is increasing and its contents seem "right":
(...)
default 20 0 0 /usr/sbin/sshd /usr/sbin/sshd 1 1 /etc/ssh/sshd_config 16 10.0.0.2
default 20 0 0 /usr/sbin/sshd /usr/sbin/sshd 1 1 /etc/ssh/sshd_config 17 10.0.0.2
default 20 0 0 /usr/sbin/sshd /usr/sbin/sshd 1 1 /etc/ssh/ssh_host_rsa_key 16 10.0.0.2
default 20 0 0 /usr/sbin/sshd /usr/sbin/sshd 1 1 /etc/ssh/ssh_host_rsa_key 17 10.0.0.2
default 20 0 0 /usr/sbin/sshd /usr/sbin/sshd 1 1 /etc/ssh/ssh_host_dsa_key 16 10.0.0.2
default 20 0 0 /usr/sbin/sshd /usr/sbin/sshd 1 1
(...)
All seems fine here.
Now my problem:
I try to create the acl from the learning logs using
gradm -L /tmp/sshd -O /tmp/sshd-rules
gradm doesn't give me any warnings or errors but /tmp/sshd-rules is empty.
What is happening?
I'm probably not doing something right or missing something :/
Thanks in advance,
João P.