I'm fiddling around with grsecurity (have been running LIDS/SELinux/RSBAC before). But I can't get the learning mode to work. This is what I have done.
First the default "acl"
The added this at the bottom of the file
- Code: Select all
subject /bin/ping lo {
/ h
-CAP_ALL
}
Then:
- Code: Select all
# gradm -E
# ping ...
# ping ...
# ping ...
# gradm -D
# gradm -L -O /etc/grsec/acl
But it's not working.
I have tested the full learning mode and that works.
Am I missing somthing here?
[/code]