grsecurity forums

[Loggy]

I am having trouble with admin access. I set up two admin's and set the password etc but both of them refuse access with Invalid password. For the moment, I have set the password to be the same as the RBAC password.

I am ssh-ing in from another box. The ACLs are:

Code: Select all

role admin sA
role_allow_ip 192.168.0.0/16
role_allow_ip 0.0.0.0/32
subject / r
   / rwcdmxi
   +CAP_ALL

role admin0 sA
role_allow_ip 192.168.0.0/16
role_allow_ip 0.0.0.0/32
subject / r
   / rwcdmxi
   +CAP_ALL


I see that after 3 tries, the system locks the admin user out and I have deleted /etc/grsec/pw and tried again and set up the second admin0 but this still occurs.

The syslog error reported is:

Code: Select all

May 28 11:01:11 saturn kernel: grsec: From 192.168.20.2: special role admin0 failure for /sbin/gradm[gradm:21550] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:2233] uid/euid:0/0 gid/egid:0/0


Apart from a reboot, is there any other way of resetting the admin/admin0 login error count?

TIA

John[/code]

[onyx]

Hi!

You should add a role_transition to the role, from wich you'd like to be admin, for example root.

role root uG
role_transitions admin
role_allow_ip 0.0.0.0/0
subject / {
...
}

This means, from the root role, you can authenticate to the role admin, and from nobody else can.

bye, onyx