cant make | operator work

Submit your RBAC policies or suggest policy improvements

Moderators: spender, PaX Team

cant make | operator work

Postby maple » Thu Apr 29, 2004 8:23 am

Hello Brad!

Doing exactly as you described in announce letter
define objset1 {
/root/blah rw
/root/blah2 r
/root/blah3 x
}

define somename2 {
/root/test1 rw
/root/blah2 rw
/root/test3 h
}

subject /somebinary o
$objset1 | $somename2

and when trying to enable gradm
/etc/grsec# gradm -E
Duplicate object found for "/root/blah2" in role root, subject /somebinary, on line 1 of /etc/grsec/acl.
"/root/blah2" references the same object as the following object(s):
specified on an earlier line.The RBAC system will not load until this error is fixed.

tried gradm2 from download page and cvs version, no success.
Can you give me a hint?
or maybe exist another way to overwrite prevously defined modes for file/dir ?
maple
 
Posts: 9
Joined: Sun Sep 14, 2003 10:30 am

Return to RBAC policy development