gradm in learning mode - problem
Posted: Sat Sep 21, 2002 4:16 pmHi!
I'm new to grsec, and i've got a problem witch gradm in learning mode.
I work on debian 3.0, kernel 2.4.19 witch grsec 1.9.6, and gradm 1.5
When i enable learning mode for, let's say /usr/bin/passwd, by giving it the lowes privilages (NOFILES 0 0 , etc) as stands in your howto.
Then i enable grsec by gradm -E, type passwd and recieve : too many open files. In howto it is written, that :
"What the learning mode does is log every access attempt that would have been denied by your ACL for that process, while allowing the access to occur"
so I shouldn't ever recieve such a message. To make things worse,
after disableing grsec and performing gradm -L -O /etc/grsec/acl
gradm only writes dynamically linked libraries that passwd needs (nothing special, i can do the same witch ldd `which passwd`), and limits remain equal to 0. Tell me what can I do, or at least give some more actual howto....
I'm new to grsec, and i've got a problem witch gradm in learning mode.
I work on debian 3.0, kernel 2.4.19 witch grsec 1.9.6, and gradm 1.5
When i enable learning mode for, let's say /usr/bin/passwd, by giving it the lowes privilages (NOFILES 0 0 , etc) as stands in your howto.
Then i enable grsec by gradm -E, type passwd and recieve : too many open files. In howto it is written, that :
"What the learning mode does is log every access attempt that would have been denied by your ACL for that process, while allowing the access to occur"
so I shouldn't ever recieve such a message. To make things worse,
after disableing grsec and performing gradm -L -O /etc/grsec/acl
gradm only writes dynamically linked libraries that passwd needs (nothing special, i can do the same witch ldd `which passwd`), and limits remain equal to 0. Tell me what can I do, or at least give some more actual howto....