problems with 2.4.0

From: "john huttley" <john@mwk.co.nz>
Subject: problems with 2.4.0
Date: Sat, 6 Jan 2001 22:04:36 +1300

Next Article (by Author): Re: Upcoming 1.1.1 changes "john huttley"
Previous Article (by Author): Re: Upcoming 1.1.1 changes "john huttley"
Next in Thread: Re: problems with 2.4.0 Amon Ott
Articles sorted by: [Date] [Author] [Subject] 

It seems extremely erratic.
I've started by booting plain 2.4 and purging the  /rsbac directory and
then by going to a rsbac kernel to apply AUTH fixes to  things like xfs,
named, crond
etc.

Then when I reboot it hangs at the point of "mounting local filesystems".
its a hard lock too!


If I purge /rsbac it will get past that point. Then when I reapply them it
wont boot again!.

I have my "auth_set_cap"  statements in a script so its all very repeatable.

All 3 patches have been applied.


The system is a RH7 with 2 CPUS.

my script is below.

Regards

John


#!/bin/sh
auth_set_cap FILE add /usr/bin/X11/xfs  xfs

# internet services
echo "Authorising Internet Services"
auth_set_cap FILE add /usr/sbin/in.ftpd ftp
auth_set_cap FILE add /usr/sbin/in.ftpd -1
auth_set_cap FILE add /usr/sbin/in.ftpd 500 100000
auth_set_cap FILE add /usr/sbin/identd nobody

echo "Authorising named"
auth_set_cap FILE add /usr/sbin/named named
echo "Authorising NFS"
auth_set_cap FILE add /sbin/portmap rpc
auth_set_cap FILE add /sbin/rpc.statd rpcuser

#Printing
echo "Authorising Printing"
auth_set_cap FILE add /usr/sbin/lpd lp
auth_set_cap FILE add /usr/sbin/lpd -1
auth_set_cap FILE add /usr/sbin/checkpc -1

#utility
auth_set_cap FILE add /bin/su postgres
auth_set_cap FILE add /bin/su 500 100000

# System  processes
echo "Authorising system processes"
auth_set_cap FILE add /usr/sbin/crond -1
auth_set_cap FILE add /usr/sbin/crond root
auth_set_cap FILE add /usr/sbin/crond 500 100000
auth_set_cap FILE add /usr/sbin/atd daemon
auth_set_cap FILE add /usr/sbin/atd root
auth_set_cap FILE add /usr/sbin/atd 500 100000

#Samba
echo "Authorising Samba"
auth_set_cap FILE add /usr/sbin/smbd nobody
auth_set_cap FILE add /usr/sbin/smbd 500 100000


-
To unsubscribe from the rsbac list, send a mail to
majordomo@rsbac.org with
unsubscribe rsbac
as single line in the body.

Next Article (by Author): Re: Upcoming 1.1.1 changes "john huttley"
Previous Article (by Author): Re: Upcoming 1.1.1 changes "john huttley"
Next in Thread: Re: problems with 2.4.0 Amon Ott
Articles sorted by: [Date] [Author] [Subject]

Go to Compuniverse LWGate Home Page.