[bug] gradm prints wrong line number in case of defines/incl

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

[bug] gradm prints wrong line number in case of defines/incl

Postby Piotr » Wed Dec 16, 2015 6:35 pm

Hello,

It seems that gradm print warnings with wrong line number in case of using defines and/or includes.

I am getting an warning as follow
Code: Select all
Warning: owner of symlink /var/mail in role piotr, subject / does not match that of its target /var/spool/mail.  Symlink is specified on line 185 of /etc/grsec/policy.


And the policy around line 185 looks like
Code: Select all
178 role piotr u {
179     subject / {
180         $basic_bin_access
181         $users_apps
182         $basic_env
183         $users_env
184
185         /home       rwcdl
186         /home/piotr rwcdlx
187
188         bind disabled
189         connect disabled
190
191         -CAP_ALL
192     }
193
194     include </etc/grsec/policy.d/users-apps>
195     include </etc/grsec/policy.d/special/szpanbut>
196 }


The very only place I have `/var/mail` specified is inside `/etc/grsec/policy.d/defines/users_env` that is loaded in the very first line of `/etc/grsec/policy` with
Code: Select all
include </etc/grsec/policy.d/defines>


It's more a comsetic bug, than anything, still worth reporting. :)
Piotr
 
Posts: 16
Joined: Mon Oct 31, 2011 8:59 am

Return to grsecurity support

cron