gradm_pam with ldap problem


Post by jcolloca » Thu Nov 12, 2015 3:26 pm

Similar to this post viewtopic.php?f=3&t=4002 "gradm_pam with ldap problem"

I'm getting errors when I use uPG role modes to make users auth to get into their gradm roles.

1. SomeUser logs in as their user
2. gradm -p <SomeUser>

The grsec errors:
kernel: [1833514.054002] grsec: From ipaddr: (SomeUser:U:/sbin/gradm_pam) denied access to hidden file /etc/resolv.conf by /sbin/gradm_pam[gradm_pam:23796] uid/euid:15291/15291 gid/egid:100/100, parent /sbin/gradm[gradm:23795] uid/euid:15291/15291 gid/egid:100/100
kernel: [1833514.078148] grsec: From ipaddr: (SomeUser:U:/sbin/gradm_pam) denied access to hidden file /etc/gai.conf by /sbin/gradm_pam[gradm_pam:23796] uid/euid:15291/15291 gid/egid:100/100, parent /sbin/gradm[gradm:23795] uid/euid:15291/15291 gid/egid:100/100
kernel: [1833514.100829] grsec: From ipaddr: (SomeUser:U:/sbin/gradm_pam) denied connect() to ipaddr port 636 sock type dgram protocol udp by /sbin/gradm_pam[gradm_pam:23796] uid/euid:15291/15291 gid/egid:100/100, parent /sbin/gradm[gradm:23795] uid/euid:15291/15291 gid/egid:100/100
kernel: [1833514.125883] grsec: From ipaddr: (SomeUser:U:/sbin/gradm_pam) denied connect() to ipaddr port 636 sock type dgram protocol udp by /sbin/gradm_pam[gradm_pam:23796] uid/euid:15291/15291 gid/egid:100/100, parent /sbin/gradm[gradm:23795] uid/euid:15291/15291 gid/egid:100/100
kernel: [1833514.150868] grsec: From ipaddr: (SomeUser:U:/sbin/gradm_pam) denied connect() to ipaddr port 636 sock type dgram protocol udp by /sbin/gradm_pam[gradm_pam:23796] uid/euid:15291/15291 gid/egid:100/100, parent /sbin/gradm[gradm:23795] uid/euid:15291/15291 gid/egid:100/100
kernel: [1833514.175873] grsec: From ipaddr: (SomeUser:U:/sbin/gradm_pam) denied connect() to ipaddr port 636 sock type dgram protocol udp by /sbin/gradm_pam[gradm_pam:23796] uid/euid:15291/15291 gid/egid:100/100, parent /sbin/gradm[gradm:23795] uid/euid:15291/15291 gid/egid:100/100
kernel: [1833514.221363] grsec: From ipaddr: (SomeUser:U:/sbin/gradm_pam) denied connect() to ipaddr port 636 sock type dgram protocol udp by /sbin/gradm_pam[gradm_pam:23796] uid/euid:15291/15291 gid/egid:100/100, parent /sbin/gradm[gradm:23795] uid/euid:15291/15291 gid/egid:100/100
kernel: [1833514.246604] grsec: From ipaddr: (SomeUser:U:/sbin/gradm_pam) denied connect() to ipaddr port 636 sock type dgram protocol udp by /sbin/gradm_pam[gradm_pam:23796] uid/euid:15291/15291 gid/egid:100/100, parent /sbin/gradm[gradm:23795] uid/euid:15291/15291 gid/egid:100/100
kernel: [1833514.271824] grsec: From ipaddr: (SomeUser:U:/sbin/gradm_pam) denied connect() to ipaddr port 636 sock type dgram protocol udp by /sbin/gradm_pam[gradm_pam:23796] uid/euid:15291/15291 gid/egid:100/100, parent /sbin/gradm[gradm:23795] uid/euid:15291/15291 gid/egid:100/100
kernel: [1833514.297081] grsec: From ipaddr: (SomeUser:U:/sbin/gradm_pam) denied connect() to ipaddr port 636 sock type dgram protocol udp by /sbin/gradm_pam[gradm_pam:23796] uid/euid:15291/15291 gid/egid:100/100, parent /sbin/gradm[gradm:23795] uid/euid:15291/15291 gid/egid:100/100


The auth log messages:
gradm_pam: pam_unix(gradm:auth): authentication failure; logname=SomeUser uid=15291 euid=15291 tty= ruser= rhost= user=SomeUser


James