does it possible? Now I got
- Code: Select all
voron grsec # gradm -R
Password:
Warning: You have enabled some form of learning on the subject for /usr/sbin/vsftpd in role voron. You have not used -L on the command line however. If you wish to use learning on this subject, use the -L argument to gradm. Otherwise, remove the learning flag on this subject.
There were 1 holes found in your RBAC configuration. These must be fixed before the RBAC system will be allowed to be enabled.
voron grsec # gradm -S
The RBAC system is currently enabled.
voron grsec # gradm -R -L /var/gradm3.log
gradm 2.1.11
grsecurity administration program
Usage: gradm [option] ...
Examples:
gradm -P
gradm -F -L /etc/grsec/learning.logs -O /etc/grsec/policy
Options:
..............................
But I am now running gradm with learning for
/usr/sbin/vsftpd in role
root, however. I can't start/stop/change learning without stopping RBAC completely. I know, that I can use disable-enable sequence like
- Code: Select all
gradm -D;gradm -E -L /var/gradm.log
but for example under heavy load enabling can take some time while system still be insecured.
