Syntax error in /etc/grsec/policy
Posted: Sun Jan 18, 2015 6:46 amHello everybox.
I've enable grsec patch and full system learning on my arch.
I type #gradm -F -L /etc/grsec/learning.logs -O /etc/grsec/policy but there is an issue :
"subject" caused a syntax error on line 939 of /etc/grsec/policy.
I search why, and i don't understand where is exactly the problem.
Here is a copy of line 939 :
# Role: root
subject /usr/bin/dbus-launch o {
/
/boot h
/dev h
/dev/null rw
/etc h
/etc/ld.so.cache r
/etc/nsswitch.conf r
/etc/passwd r
/proc/bus h
/proc/kallsyms h
/proc/kcore h
/proc/modules h
/proc/slabinfo h
/proc/sys h
/root h
/root/.dbus
/root/.dbus/session-bus
/root/.dbus/session-bus/bfb75508f17f4376b6276ba637b40ec3-0 w
/sys h
/tmp r
/usr h
/usr/bin h
/usr/bin/dbus-daemon x
/usr/bin/dbus-launch x
/usr/lib rx
/usr/lib/modules h
/var/backups h
/var/log h
-CAP_ALL
bind disabled
connect disabled
}
Thx for ur help.
I've enable grsec patch and full system learning on my arch.
I type #gradm -F -L /etc/grsec/learning.logs -O /etc/grsec/policy but there is an issue :
"subject" caused a syntax error on line 939 of /etc/grsec/policy.
I search why, and i don't understand where is exactly the problem.
Here is a copy of line 939 :
# Role: root
subject /usr/bin/dbus-launch o {
/
/boot h
/dev h
/dev/null rw
/etc h
/etc/ld.so.cache r
/etc/nsswitch.conf r
/etc/passwd r
/proc/bus h
/proc/kallsyms h
/proc/kcore h
/proc/modules h
/proc/slabinfo h
/proc/sys h
/root h
/root/.dbus
/root/.dbus/session-bus
/root/.dbus/session-bus/bfb75508f17f4376b6276ba637b40ec3-0 w
/sys h
/tmp r
/usr h
/usr/bin h
/usr/bin/dbus-daemon x
/usr/bin/dbus-launch x
/usr/lib rx
/usr/lib/modules h
/var/backups h
/var/log h
-CAP_ALL
bind disabled
connect disabled
}
Thx for ur help.