grsecurity forums

[tjh]

Code: Select all

subject /usr/bin/rsync od {
        /                               h
        /etc                            h
        /etc/ld.so.cache                r
        /lib                            rx
        /lib/modules                    h
        /media                          rwcd
        /usr                            h
        /usr/bin/rsync                  rx
        /usr/lib/locale/locale-archive  r
        -CAP_ALL
        +CAP_CHOWN
        bind    disabled
        connect disabled
        sock_allow_family all
}


This message is being produced:

Code: Select all

grsec: From 192.168.1.1: (tim:U:/usr/bin/rsync) denied chmod of /media/flash/Backups/gallery/cache/module/rating/8/6 by /usr/bin/rsync[rsync:12844] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/tcsh[tcsh:12842] uid/euid:1000/1000 gid/egid:1000/1000


What do I need to do to allow chmod?

Tim

[Undine]

Does rsync tries to "chmod +-s" (set setuid access on file)? Perhaps you need "/media rwmcd", where 'm' is ability to set setuid/setgid access on file.