Hi!
I upgraded to grsec 2.0 on a production system and wanted to use the full learning mode (-F) but that seems to prevent my system from working... I was not using the ACL system in 1.9.xx (only the chroot restrictions and PaX) but want to give it a try with the new full learning mode now.
what i did:
- put shipped acl file into /etc/grsec
- #> gradm -F -L /etc/grsec/learning-logs
result: system does not respond anymore. I am logged in via ssh ... seems that the connection is cut off.
then I tried to comment out all subjects and add the (l)earn flag to the admin and the default role. Same result.
So my question is:
Does the full learning mode force any ACLs to be enabled so my ssh connection gets cut off immediately? apache does not answer anymore on the net, too when I try to use gradm -F
any hints?
-Marc
Full learning mode on a production system?
1 post
• Page 1 of 1
Full learning mode on a production system?
by schiffi » Sun Apr 18, 2004 9:30 pm
- schiffi
- Posts: 10
- Joined: Sun Apr 18, 2004 9:16 pm
1 post
• Page 1 of 1