RBAC on overlayfs filesystem

Submit your RBAC policies or suggest policy improvements

RBAC on overlayfs filesystem

Postby mynick » Mon Mar 06, 2017 5:56 pm

I'm struggling with RBAC on a filesystem with an overlayfs root. When I enable full learning it creates the logs but i can't disable it via "sudo gradm2 -D". It just says the password is incorrect, but it is definitely the correct one. When I create the policy and enable it the log gets filled with grsec denied messages. More or less everything is denied it seems.
Using the same system but without overlayfs everything works fine. I can disable learning or RBAC generally. When I enable RBAC no denied messages show up in the logs. Any ideas how to fix this?
mynick
 
Posts: 1
Joined: Mon Mar 06, 2017 5:25 pm

Return to RBAC policy development