grsecurity forums

Hello,

I have a problem which is getting irritating after 12 kernel recompiles .

I had grsecurity working fine untill I stumbled on some incompatibility issues with some software and the version of GCC shipped with RedHat 8. Because I did not know it was GCC I disabled grsecurity to see if that would solve the prob.. Well, it didn't

ANyway, now that I re-enabled grsecurity again nothing works anymore. I have now disabled *ALL* grsecurity options in de kernel but I still get these kind of messages:

grsec: denying execution of /bin/sh by (chroot:440) UID(0) EUID(0), parent (sh:439) UID(0) EUID(0

grsec: attempt to open /var/log/wtmp for writing by (init:1) UID(0) EUID(0), parent (swapper:0) UID(0) EUID(0)

grsec: attempt to open /var/log/lastlog for reading writing by (sshd:450) UID(0) EUID(0), parent (sshd:448) UID(0) EUID(0)

I cannot even chroot to one of my chroots because I am not allowed to execute /bin/bash.

Any ideas?

gradm -E enables the ACL system. You've enabled the ACL system, and that's why you're getting those messages. The messages are not due to bugs in grsecurity, but due to your incomplete ACL setup. Read the ACL documentation on how to correctly set up your ACLs.

-Brad

Well, I dont want to use the ACL for my filesystem. I only want to use the grsecurity kernel patches (like restricted dmesg, restricted /proc and stuff like that).

But it looks like grsecurity is disabled completely if I dont have gradm set to enable

nope, the rest of grsecurity will work regardless of whether the ACL system is enabled or not.

-Brad