uid/gid changing which acl ?

Submit your RBAC policies or suggest policy improvements

uid/gid changing which acl ?

Postby Active2 » Wed Jun 02, 2004 2:27 pm

I can't get around this failure:

grsec: From 192.168.2.144: denied access to hidden file /etc/passwd by /usr/sbin/sshd[sshd:10718] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/sbin/sshd[sshd:9804] uid/euid:0/0 gid/egid:0/0
grsec: From 192.168.2.144: denied access to hidden file /etc/security/pam_env.conf by /usr/sbin/sshd[sshd:10718] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/sbin/sshd[sshd:9804] uid/euid:0/0 gid/egid:0/0
grsec: From 192.168.2.144: denied access to hidden file /dev/log by /usr/sbin/sshd[sshd:10718] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/sbin/sshd[sshd:9804] uid/euid:0/0 gid/egid:0/0
grsec: From 192.168.2.144: denied access to hidden file /dev/console by /usr/sbin/sshd[sshd:10718] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/sbin/sshd[sshd:9804] uid/euid:0/0 gid/egid:0/0
grsec: From 192.168.2.144: denied access to hidden file /etc/environment by /usr/sbin/sshd[sshd:10718] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/sbin/sshd[sshd:9804] uid/euid:0/0 gid/egid:0/0


My acl file is here: http://www.cacholong.nl/~matthijs/acl

(i've take also a look at http://people.roma2.infn.it/~claudio/en ... osts/3-acl but i can't figure out how he does)

The uid and gid is changing from 0 to 1000 which is my user when i try to login as normal user.

This acl works when i try to login as root (but i dislike that)

Somebody knows what i'm doing wrong ?

Thanks in advance.
Active2
 
Posts: 14
Joined: Fri Feb 27, 2004 5:51 am

Postby onyx » Thu Jun 03, 2004 4:14 pm

Forbidden
You don't have permission to access /~matthijs/acl on this server.


First of all, do something with this.
onyx
 
Posts: 36
Joined: Tue Jan 20, 2004 7:46 pm

Postby Active2 » Sat Jun 05, 2004 6:56 am

Sorry for such a late reaction.

I've fixed it.

(it's very bad that the development of this patch maybe stops :()
Active2
 
Posts: 14
Joined: Fri Feb 27, 2004 5:51 am


Return to RBAC policy development

cron