I am on Slackware -current using a vanilla kernel 2.6.5 (with grsecurity patch).
I selected the Custom security level in the kernel. I made a list of the options compiled in (always a good thing to do with kernels ), which aren't listed here for the sake of not posting a huge thread.
I am using the default ACL now, as I can't find any documentation for this version of grsecurity.
The problem is this: Whenever I activate the RBAC system with gradm, I get this error in the logs:
- Code: Select all
May 9 15:05:33 logik kernel: grsec: Loaded grsecurity 2.0
May 9 15:05:33 logik kernel: Cannot read proc file system: 1 - Operation not permitted.
That's not good. Neither is this:
- Code: Select all
May 9 15:06:03 logik last message repeated 789827 times
May 9 15:06:31 logik last message repeated 716261 times
Followed by this when disabling RBAC using gradm...
- Code: Select all
May 9 15:06:31 logik kernel: grsec: use of CAP_SYS_ADMIN denied for /usr/sbin/klogd[klogd:13523] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
May 9 15:06:31 logik last message repeated 4 times
May 9 15:06:31 logik kernel: grsec: more alerts, logging disabled for 10 seconds
May 9 15:06:31 logik kernel: grsec: use of CAP_SYS_ADMIN denied for /usr/sbin/klogd[klogd:13523] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
May 9 15:06:31 logik last message repeated 4 times
Now, what have I done so spectacularly wrong that this should happen with all the default settings?
mark
http://www.darklogik.org