ProFTPD/ACL

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

ProFTPD/ACL

Postby wschlich » Sun Apr 14, 2002 11:42 am

why does this happen?

--8<--
Apr 14 17:35:45 prometheus kernel: grsec: CAP_CHOWN not raised for (proftpd:7356) UID(0) EUID(0), parent (proftpd:19043) UID(0) EUID(65534)
Apr 14 17:35:45 prometheus proftpd[7356]: prometheus.lan.berghof.org (192.168.0.101[192.168.0.101]) - chown() as root failed: Operation not permitted.
--8<--

I've not enabled any ACLs, the ACL system itself is enabled though.
wschlich
 
Posts: 17
Joined: Sun Mar 03, 2002 8:25 pm

Try to enable acls

Postby Sea-you » Wed Apr 17, 2002 3:38 pm

Hi,

I think u should try to add this to your proc.acl and enable it :)

/usr/sbin/proftpd {
/ rwx
+CAP_CHOWN
+CAP_NET_BIND_SERVICE
}
Sea-you
 
Posts: 10
Joined: Thu Apr 11, 2002 12:48 pm

spender

Postby spender » Wed Apr 17, 2002 5:35 pm

i believe the problem is related to the capability restrictions on chroot. Your problem is fixed in 1.9.5.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm


Return to grsecurity support