Admin access problem

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

Admin access problem

Postby Loggy » Fri May 28, 2004 6:54 am

I am having trouble with admin access. I set up two admin's and set the password etc but both of them refuse access with Invalid password. For the moment, I have set the password to be the same as the RBAC password.

I am ssh-ing in from another box. The ACLs are:

Code: Select all
role admin sA
role_allow_ip 192.168.0.0/16
role_allow_ip 0.0.0.0/32
subject / r
   / rwcdmxi
   +CAP_ALL

role admin0 sA
role_allow_ip 192.168.0.0/16
role_allow_ip 0.0.0.0/32
subject / r
   / rwcdmxi
   +CAP_ALL


I see that after 3 tries, the system locks the admin user out and I have deleted /etc/grsec/pw and tried again and set up the second admin0 but this still occurs.

The syslog error reported is:

Code: Select all
May 28 11:01:11 saturn kernel: grsec: From 192.168.20.2: special role admin0 failure for /sbin/gradm[gradm:21550] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:2233] uid/euid:0/0 gid/egid:0/0


Apart from a reboot, is there any other way of resetting the admin/admin0 login error count?

TIA

John[/code]
Loggy
 
Posts: 14
Joined: Tue Nov 18, 2003 5:28 am

Postby onyx » Fri May 28, 2004 9:06 am

Hi!

You should add a role_transition to the role, from wich you'd like to be admin, for example root.

role root uG
role_transitions admin
role_allow_ip 0.0.0.0/0
subject / {
...
}

This means, from the root role, you can authenticate to the role admin, and from nobody else can.

bye, onyx
onyx
 
Posts: 36
Joined: Tue Jan 20, 2004 7:46 pm


Return to grsecurity support