Hi everybody,
has anyone experience with pon and poff scripts from debian in a grsecurity environment? My DSL connected server runs fine for a couple of days after disconnection my bash link-control scripts cannot bring up the dsl again...
seems to be a permission problem with pppd and pon/poff and ifconfig
grsec: From 192.168.100.99: denied access to hidden file /lib/ld-2.2.5.so by (sh:9463) UID(0) EUID(0), parent (pppd:9462) UID(0) EUID(0)
although i have /lib rx in the default rule i get the deny all the time
I tried to run:
/usr/sbin/pppd lo {
/ h
/lib/ld-2.2.5.so rx
-CAP_ALL
+CAP_FSETID
+CAP_SETUID
+CAP_NET_ADMIN
+CAP_SETGID
}
(...i found some denies to CAP_FSETID,CAP_SETUID, CAP_SETGID,CAP_NET_ADMIN in dmesg so i put the in the file and switched on learning mode)
Although i am running learning mode it is not possible to bring up DSL again. If DSL is running and i switch on grsecurity afterwards everything is fine until the line is disconnected
Any suggestions?
regards
weeny