mailing list down? (and a ACL problem)
Posted: Wed Feb 26, 2003 7:39 amhi..
i tried several times yesterday to get access to the archive (yes.. i am subscribed to the mailing list). since it seemed that i forgot my password, i hit the "send me my password" button.. never got any mail.
the i tried to send a message to the list.
never got a copy from that message.
plus: i got a problem with learning mode:
i've created a very very basic acl set
then enabled gradm -E
it filled my log quite fast (several megabyte/minute)
nearly every line says
Feb 26 02:00:41 [kernel] grsec: LEARN:771:342834:0:0::21
but there are a few others:
Feb 26 01:59:26 [kernel] grsec:
LEARN:771:342834:2304:703166:/var/log/kernel:16
Feb 26 01:59:26 [kernel] grsec:
LEARN:771:342834:2304:703165:/var/log/kernel:65552
or
Feb 26 01:59:26 [kernel] grsec: LEARN:771:342834:201552:201552::1
when i run "gradm -L /var/log/grsecurity/current -O acl" (this is where my
logfile is located) it does nothing but removing the "l" from the subject
modes.
this should be grsecurity-1.9.9c with gradm-1.7b on my gentoo box
my learning mode acl:
/ l {
/ h
-CAP_ALL
RES_FSIZE 0 0
RES_DATA 0 0
RES_STACK 0 0
RES_RSS 0 0
RES_NPROC 0 0
RES_NOFILE 0 0
RES_MEMLOCK 0 0
RES_AS 0 0
RES_LOCKS 0 0
connect {
disabled
}
bind {
disabled
}
}
/usr/sbin/pure-ftpd lo {
/usr/sbin/pure-ftpd x
/ h
-CAP_ALL
RES_FSIZE 0 0
RES_DATA 0 0
RES_STACK 0 0
RES_RSS 0 0
RES_NPROC 0 0
RES_NOFILE 0 0
RES_MEMLOCK 0 0
RES_AS 0 0
RES_LOCKS 0 0
connect {
disabled
}
bind {
disabled
}
}
/usr/sbin/metalog lo {
/usr/sbin/metalog x
/ h
-CAP_ALL
RES_FSIZE 0 0
RES_DATA 0 0
RES_STACK 0 0
RES_RSS 0 0
RES_NPROC 0 0
RES_NOFILE 0 0
RES_MEMLOCK 0 0
RES_AS 0 0
RES_LOCKS 0 0
connect {
disabled
}
bind {
disabled
}
}
i tried several times yesterday to get access to the archive (yes.. i am subscribed to the mailing list). since it seemed that i forgot my password, i hit the "send me my password" button.. never got any mail.
the i tried to send a message to the list.
never got a copy from that message.
plus: i got a problem with learning mode:
i've created a very very basic acl set
then enabled gradm -E
it filled my log quite fast (several megabyte/minute)
nearly every line says
Feb 26 02:00:41 [kernel] grsec: LEARN:771:342834:0:0::21
but there are a few others:
Feb 26 01:59:26 [kernel] grsec:
LEARN:771:342834:2304:703166:/var/log/kernel:16
Feb 26 01:59:26 [kernel] grsec:
LEARN:771:342834:2304:703165:/var/log/kernel:65552
or
Feb 26 01:59:26 [kernel] grsec: LEARN:771:342834:201552:201552::1
when i run "gradm -L /var/log/grsecurity/current -O acl" (this is where my
logfile is located) it does nothing but removing the "l" from the subject
modes.
this should be grsecurity-1.9.9c with gradm-1.7b on my gentoo box
my learning mode acl:
/ l {
/ h
-CAP_ALL
RES_FSIZE 0 0
RES_DATA 0 0
RES_STACK 0 0
RES_RSS 0 0
RES_NPROC 0 0
RES_NOFILE 0 0
RES_MEMLOCK 0 0
RES_AS 0 0
RES_LOCKS 0 0
connect {
disabled
}
bind {
disabled
}
}
/usr/sbin/pure-ftpd lo {
/usr/sbin/pure-ftpd x
/ h
-CAP_ALL
RES_FSIZE 0 0
RES_DATA 0 0
RES_STACK 0 0
RES_RSS 0 0
RES_NPROC 0 0
RES_NOFILE 0 0
RES_MEMLOCK 0 0
RES_AS 0 0
RES_LOCKS 0 0
connect {
disabled
}
bind {
disabled
}
}
/usr/sbin/metalog lo {
/usr/sbin/metalog x
/ h
-CAP_ALL
RES_FSIZE 0 0
RES_DATA 0 0
RES_STACK 0 0
RES_RSS 0 0
RES_NPROC 0 0
RES_NOFILE 0 0
RES_MEMLOCK 0 0
RES_AS 0 0
RES_LOCKS 0 0
connect {
disabled
}
bind {
disabled
}
}