Page 1 of 1

[bug] gradm prints wrong line number in case of defines/incl

PostPosted: Wed Dec 16, 2015 6:35 pm
by Piotr

It seems that gradm print warnings with wrong line number in case of using defines and/or includes.

I am getting an warning as follow
Code: Select all
Warning: owner of symlink /var/mail in role piotr, subject / does not match that of its target /var/spool/mail.  Symlink is specified on line 185 of /etc/grsec/policy.

And the policy around line 185 looks like
Code: Select all
178 role piotr u {
179     subject / {
180         $basic_bin_access
181         $users_apps
182         $basic_env
183         $users_env
185         /home       rwcdl
186         /home/piotr rwcdlx
188         bind disabled
189         connect disabled
191         -CAP_ALL
192     }
194     include </etc/grsec/policy.d/users-apps>
195     include </etc/grsec/policy.d/special/szpanbut>
196 }

The very only place I have `/var/mail` specified is inside `/etc/grsec/policy.d/defines/users_env` that is loaded in the very first line of `/etc/grsec/policy` with
Code: Select all
include </etc/grsec/policy.d/defines>

It's more a comsetic bug, than anything, still worth reporting. :)