NTPd and ACL misbehaviour
Posted: Wed May 07, 2003 10:13 amHi!
ACL for ntpd for default role:
subject /usr/sbin/ntpd {
/etc/ntp/drift.TEMP rw
/etc/ntp/drift rw
/dev/log rw
}
yet.. this on my logs:
kernel: grsec: denied rename of /etc/ntp/drift.TEMP to /etc/ntp/drift by (ntpd:32104) uid/euid:38/38 gid/egid:38/38, parent (init:1) uid/euid:0/0 gid/egid:0/0
(there's no role for user ntp(38), it uses default)
Should i just use /etc/ntp rw ? Shouldn't the first two objects suffice?
Using 2.0pre3
TIA
ACL for ntpd for default role:
subject /usr/sbin/ntpd {
/etc/ntp/drift.TEMP rw
/etc/ntp/drift rw
/dev/log rw
}
yet.. this on my logs:
kernel: grsec: denied rename of /etc/ntp/drift.TEMP to /etc/ntp/drift by (ntpd:32104) uid/euid:38/38 gid/egid:38/38, parent (init:1) uid/euid:0/0 gid/egid:0/0
(there's no role for user ntp(38), it uses default)
Should i just use /etc/ntp rw ? Shouldn't the first two objects suffice?
Using 2.0pre3
TIA