
enable learning without stopping RBAC

Posted: Fri Mar 14, 2008 3:26 pm
by voron
Is it possible? Now I get:
Code:
voron grsec # gradm -R
Password:
Warning: You have enabled some form of learning on the subject for /usr/sbin/vsftpd in role voron.  You have not used -L on the command line however.  If you wish to use learning on this subject, use the -L argument to gradm.  Otherwise, remove the learning flag on this subject.
There were 1 holes found in your RBAC configuration.  These must be fixed before the RBAC system will be allowed to be enabled.
voron grsec # gradm -S
The RBAC system is currently enabled.
voron grsec # gradm -R -L /var/gradm3.log
gradm 2.1.11
grsecurity administration program

Usage: gradm [option] ...

Examples:
        gradm -P
        gradm -F -L /etc/grsec/learning.logs -O /etc/grsec/policy
Options:
..............................
But I am currently running gradm with learning for /usr/sbin/vsftpd in role root. However, I can't start/stop/change learning without stopping RBAC completely. I know that I can use a disable-enable sequence like
Code:
gradm -D;gradm -E -L /var/gradm.log
but, for example, under heavy load, enabling can take some time, during which the system is still unsecured.