Re: Beginner probs: login as user


From: Amon Ott <ao@rsbac.org>
Subject: Re: Beginner probs: login as user
Date: Thu, 8 Mar 2001 18:40:41 +0100

Next Article (by Subject): Benchmark? Amon Ott
Previous Article (by Subject): Re: Beginner probs: login as user Dirk-Jan Faber
Top of Thread: Beginner probs: login as user Dirk-Jan Faber
Articles sorted by: [Date] [Author] [Subject]


On Don, 08 Mär 2001 Dirk-Jan Faber wrote:
> When booting the rsbac kernel I am still unable to startup my X. The
> logfiles tell me, when using `startx` to startup X:
> 
>   Mar  8 16:13:31 joffie kernel: rsbac_adf_request(): request
>   MODIFY_PERMISSIONS_DATA, caller_pid 833, caller_prog_name X, caller_uid
>   1000, target-type SCD, tid ioports, attr none, value 0, result
>   NOT_GRANTED by RC AUTH ACL
> 
> I guess that the program X is /usr/bin/X, which is a symlink to
> /etc/X which, on it's turn is a symlink to /usr/bin/XFree86.
> 
> I seemed to be unable to set the permissions on /usr/bin/X with the
> rsbac_fd_menu, as it is a symlink. Any thoughts on this one?

Please enable X support (st_ioports for normal users) in RSBAC kernel config and
recompile. X uses direct access to hardware ports, for security reasons this is
disabled by default.

The program name shown in the log might be misleading. Use the file the symlink
points to, and setting attributes will work. However, non-X is hard-compiled
into AUTH, so setting attributes will not help you there, only the switch will.

> When I can start using X, I guess I'll stick to using RSBAC.

Good. :)

Amon.
-
To unsubscribe from the rsbac list, send a mail to
majordomo@rsbac.org with
unsubscribe rsbac
as single line in the body.

Next Article (by Subject): Benchmark? Amon Ott
Previous Article (by Subject): Re: Beginner probs: login as user Dirk-Jan Faber
Top of Thread: Beginner probs: login as user Dirk-Jan Faber
Articles sorted by: [Date] [Author] [Subject]


Go to Compuniverse LWGate Home Page.