printing "Usage: init..." when starting gradm

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

printing "Usage: init..." when starting gradm

Postby meyerm » Thu Sep 26, 2002 10:25 am

Hi, it's me again ;)

I've set up the following ACL for init. It seems to work (despite that it has problems with writing to /var/run/umpt, just like my login [see other thread]), but when I call gradm -E, it always print
Code: Select all
Usage: init 0123456SsQqAaBbCcUu
on the console. Why? I can't image gradm calls init whenever the ACLs are set up...

PS: If this whole bunch will ever work, I'll post all my ACLs here hoping this would make the beginning for other newbies easier... ;)


Code: Select all
/sbin/init o {
        /dev/console                            rw
        /dev/initctl
        /sbin/init                              x
        /sbin/mingetty                          x
        /var/log/wmtp                           w
        /var/run/umtp                           rw
        /lib/libc.so.6                          rx
        /lib/ld-linux.so.2                      rx
        /                                       r

        -CAP_ALL

        connect {
                disabled
        }

        bind {
                disabled
        }
}
meyerm
 
Posts: 15
Joined: Mon Sep 23, 2002 11:06 am

Postby spender » Thu Sep 26, 2002 8:39 pm

not sure...could be because of the library detection code. I don't think I'm going to use it for 1.9.8, as people can just use the learning mode if they want to detect what libraries an app needs.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm

Postby goodbyte » Fri Sep 27, 2002 2:41 pm

spender wrote:not sure...could be because of the library detection code. I don't think I'm going to use it for 1.9.8, as people can just use the learning mode if they want to detect what libraries an app needs.

Probably is, I bet the init is staticly lined since I've had a similar problem with rpmq (static linked binary from the rpm package)
goodbyte
 
Posts: 32
Joined: Sun May 12, 2002 4:33 am

Postby spender » Fri Sep 27, 2002 3:01 pm

current cvs of gradm has the add_binary_libs code removed.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm


Return to grsecurity support

cron