
Role flag "G" problem

Posted: Sun Nov 23, 2008 5:45 am
by Dwokfur
Since I've upgraded to a kernel based on 2.6.27 (currently 2.6.27.5 using grsec-2.1.12-2.6.27.5-200811071900), some error messages are logged every time I authenticate myself as root.
Code:
Nov 23 10:09:44 hostname grsec: (root:U:/sbin/gradm) denied access to hidden file /root by /sbin/gradm[gradm:7187] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:7033] uid/euid:0/0 gid/egid:0/0

Role flag "G" is specified for root in order to make this user able to authenticate using gradm. Some directories - including boot - are hidden. No matter whether I replace "h" with "hs" for role root, these messages still get logged. If I try to create a policy for gradm, grsec reports that I've tried to modify an already existing instance - which is probably included because of Role flag "G", but the exact contents are hidden.
This behavior appeared recently.

Did I miss something?
Any ideas on this are greatly appreciated.

Is it discouraged to authenticate using gradm while logged in as root?

Regards,
Dw.

Re: Role flag "G" problem

Posted: Tue Nov 25, 2008 10:11 am
by spender
gradm creates a least privilege policy for itself. What I think may be happening here is you are authenticating while in your home directory (/root) and your libc for some reason is making gradm access the current working directory. You could confirm this by stracing as much as you can of gradm -a admin while being in the admin role. Did you do any libc upgrades at the same time as the kernel upgrade?

-Brad
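
One way to carry out the strace check suggested in the reply above, as an added example that is not part of the original thread and is not gradm or grsecurity code. The function names (`cwd_hits`, `cwd_failures`, `sample_trace`) are hypothetical, and the trace is a constructed sample, not real gradm output.

```sh
#!/bin/sh
# Capture on the affected host, from the directory in question:
#   cd /root && strace -f -o /tmp/gradm.trace gradm -a admin
# (-f follows child processes, -o writes the trace to a file.)

# cwd_hits TRACE DIR
# Print trace lines with a quoted path argument equal to DIR or ".",
# i.e. syscalls that name the working directory itself rather than a
# file below it. DIR goes into a regex, so it is assumed to contain no
# regex metacharacters (true for /root).
cwd_hits() {
    grep -E "\"($2|\.)\"" "$1" || true
}

# cwd_failures TRACE DIR
# Subset of cwd_hits where the syscall returned -1: the lines to match
# by pid against the grsec "denied access to hidden file" message.
cwd_failures() {
    cwd_hits "$1" "$2" | grep -E '\) += -1 ' || true
}

# Constructed sample in "strace -f -o" layout (pid, then the call).
# The syscalls and errno values are invented to exercise the filters.
sample_trace() {
    cat <<'EOF'
7187  execve("/sbin/gradm", ["gradm", "-a", "admin"], [/* 20 vars */]) = 0
7187  open("/etc/ld.so.cache", O_RDONLY) = 3
7187  getcwd("/root", 4096)             = 6
7187  stat("/root", 0x7fff5a10)         = -1 ENOENT (No such file or directory)
7187  open("/root/.inputrc", O_RDONLY)  = -1 ENOENT (No such file or directory)
7187  open(".", O_RDONLY|O_DIRECTORY)   = -1 ENOENT (No such file or directory)
EOF
}

# Demo run over the constructed sample.
trace=$(mktemp)
sample_trace > "$trace"
echo "calls naming the working directory:"
cwd_hits "$trace" /root
echo "of those, failed:"
cwd_failures "$trace" /root
rm -f "$trace"
```

If `cwd_failures` prints nothing for a trace taken in /root, repeating the capture from a directory that is not hidden shows whether the logged denial follows the working directory.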