Problem with role transition and nested subjects?

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.


Post by chrlin » Mon May 16, 2005 4:55 am

Why do I get a denied execution of /opt/java?

Code:
subject /opt/start.sh
        /bin/su                 rx
        /dev/log                rw
        /etc/shadow             r
        /var/run/utmp           rw
        /var/log/faillog        rwc
        /root                   r
        /root/.xauth*           rwcd
        +CAP_SYS_TTY_CONFIG
subject /opt/start.sh:/bin/su
        /bin/bash               rxi
subject /opt/start.sh:/bin/su:/bin/bash
        /opt/java   rx


Output from exec_logging
    grsec: From XX: (root:/opt/start.sh) exec of /bin/su (su user -c /opt/java -Xve) by /opt/start.sh [start.sh:15931] uid/euid:0/0 gid/egid:0/0, parent /opt/start.sh [start.sh:14053] uid/euid:0/0 gid/egid:0/0

    grsec: From XX: (wbs:/) exec of /bin/bash (sh -c /opt/java -Xverify:none ) by /bin/su[su:21653] uid/euid:540/540 gid/egid:518/518, parent /bin/su[su:15931] uid/euid:0/0 gid/egid:0/0

    grsec: From XX: (wbs:G:/) denied execution of /opt/java by /bin/bash[sh:21653] uid/euid:540/540 gid/egid:518/518, parent /bin/su[su:15931] uid/euid:0/0 gid/egid:0/0


Role root and role wbs include the acl.

Gradm version: gradm v2.0.1
grsec patch: grsecurity-2.0.1-2.4.27.patch on kernel 2.4.27
chrlin
 
Posts: 3
Joined: Fri May 13, 2005 8:05 am

Post by bplant » Sat May 28, 2005 10:37 pm

I have the same problem, with a different app though. Did you find a solution/reason for the problem?

Cheers,

Brad
bplant
 
Posts: 73
Joined: Sat May 28, 2005 10:36 pm

Post by chrlin » Mon May 30, 2005 2:01 am

Unfortunately I did not find any solution or reason for the problem. Please post if you come up with something.
chrlin
 
Posts: 3
Joined: Fri May 13, 2005 8:05 am

