Page 1 of 1

imap access

PostPosted: Wed May 10, 2006 3:02 am
by emostar
Hello.. me again.. I seem to be taking up a lot of the posts these days.. :P

I have the following output in my syslog after I enable grsec and try to access my imap server:

grsec: From 192.168.0.100: (default:D:/) denied access to hidden file /home/vpopmail/domains/thejon.org/jon by /usr/local/libexec/authlib/authvchkpw[authvchkpw:10536] uid/euid:1007/1007 gid/egid:111/111, parent /usr/local/libexec/couriertcpd[couriertcpd:28266] uid/euid:0/0 gid/egid:0/0

The uid 1007 is my vpopmail user, which has a role.
My question is, why does it go to the default role? I have a role for uid 0 (root) and uid 1007 (vpopmail), both with /usr/local/libexec/authlib/authvchkpw objects.

I see the parent process (couriertcpd) is being executed as uid 0... does this mean I have to adapt my policy to the changing UID?

Thanks,

Jon

PostPosted: Sun May 14, 2006 10:14 pm
by spender
I'd have to see your full policy to tell why it's not using the role, since there are a number of possible causes. Can you send your policy to spender@grsecurity.net?

-Brad