grsecurity forums

Hello,

After installing grsecurity everything is just kosher, enabling sysctl and installing gradm once enabled it cannot read the license, turn it off and works just fine, I did a quick search I didnt find much, any light to shed on the subject would be great

Ron wrote:After installing grsecurity everything is just kosher, enabling sysctl and installing gradm once enabled it cannot read the license, turn it off and works just fine, I did a quick search I didnt find much, any light to shed on the subject would be great

look at your grsec logs, maybe you can spot what access was denied. or strace it and see what fails that should work otherwise.

Im guessing this would be in /var/log/messages yes? I wont know till I can get into the noc i cant reach the system here at home, but the test system I have at home heres a link to the messages

http://stlhosting.com/messages.txt last 100 or so entries.. this system at home is redhat 9 the one im working on has centos 3.4 or 4.0 whichever I forgot im sure its a simple matter of enabling some files so it can have access to them but where and what im still learning this yet installing and compiling was fairly easy

Entire config http://stlhosting.com/.config-grsec

You've enabled the RBAC system but it doesn't seem like you've properly configured it yet. You should use the learning mode to generate a policy that will work on your system.

-Brad

Cool, heres what I get

gradm -F -L /var/log/learn.log
Duplicate subject found for "/etc/rc.d/init.d" in role default, on line 1 of (null).
"/etc/rc.d/init.d" references the same object as "/etc/init.d" specified on an earlier line.
The RBAC system will not load until this error is fixed.

CentOS release 3.6 (Final) btw

Remove the last line of the /etc/grsec/learn_config file:
inherit-learn /etc/rc.d/init.d

-Brad