Page 1 of 1

A few initial errors with the default ACL

PostPosted: Sun Mar 28, 2004 6:50 pm
by abefroman
How do I fix the ACL to not get these error?

Mar 28 15:04:32 server104 kernel: grsec: use of CAP_SYS_RAWIO denied for (smartd:562) UID(0) EUID(0), parent (init:1) UID(0) E
UID(0)
Mar 28 15:04:32 server104 kernel: grsec: denied connect to the unix domain socket /dev/log by (smartd:562) UID(0) EUID(0), par
ent (init:1) UID(0) EUID(0)
Mar 28 15:04:32 server104 last message repeated 2 times
Mar 28 15:04:32 server104 kernel: grsec: denied open of /var/log/exim_mainlog for appending by (sendmail:1284) UID(47) EUID(47
), parent (init:1) UID(0) EUID(0)
Mar 28 15:04:32 server104 kernel: grsec: denied open of /var/log/exim_paniclog for appending by (sendmail:1284) UID(47) EUID(4
7), parent (init:1) UID(0) EUID(0)
Mar 28 15:04:32 server104 kernel: grsec: denied connect to the unix domain socket /dev/log by (sendmail:1284) UID(47) EUID(47)
, parent (init:1) UID(0) EUID(0)
Mar 28 15:04:40 server104 kernel: grsec: denied open of /var/log/xferlog.offsetftpsep for writing by (cpanellogd:812) UID(0) E
UID(0), parent (init:1) UID(0) EUID(0)
Mar 28 15:04:40 server104 kernel: grsec: denied chown of /usr/local/cpanel/bin/eximstatspass by (eximstatspass:1285) UID(0) EU
ID(0), parent (cpanellogd:812) UID(0) EUID(0)
Mar 28 15:04:40 server104 kernel: grsec: denied connect to the unix domain socket /dev/log by (proftpd:1204) UID(0) EUID(99),
parent (proftpd:551) UID(0) EUID(99)
Mar 28 15:04:40 server104 kernel: grsec: denied connect to the unix domain socket /dev/log by (proftpd:1204) UID(0) EUID(99),
parent (proftpd:551) UID(0) EUID(99)
Mar 28 15:05:00 server104 kernel: grsec: denied chmod of /var/log/dcpumon by (dcpumon:1289) UID(0) EUID(0), parent (sh:1288) U
ID(0) EUID(0)
Mar 28 15:05:00 server104 kernel: grsec: use of CAP_SYS_PTRACE denied for (ps:1292) UID(0) EUID(0), parent (dcpumon:1289) UID(
0) EUID(0)
Mar 28 15:05:00 server104 last message repeated 9 times
Mar 28 15:05:00 server104 kernel: grsec: more alerts, logging disabled for 2 seconds
Mar 28 15:08:00 server104 kernel: grsec: denied execution of /scripts/ckillall by (safekill:1303) UID(0) EUID(0), parent (safe
kill:1301) UID(0) EUID(0)
Mar 28 15:08:00 server104 kernel: grsec: use of CAP_SYS_PTRACE denied for (ps:1304) UID(0) EUID(0), parent (safekill:1301) UID
(0) EUID(0)
Mar 28 15:08:00 server104 last message repeated 9 times
Mar 28 16:44:08 server104 kernel: grsec: successful change to admin mode (id 1) by (gradm:2544) UID(0) EUID(0), parent (bash:9
61) UID(0) EUID(0)
Mar 28 16:44:34 server104 kernel: grsec: Reloaded grsecurity 1.9.14
Mar 28 16:44:38 server104 kernel: grsec: denied access to hidden file /etc/grsec by (fixmailandakopi:2547) UID(0) EUID(0), par
ent (bash:961) UID(0) EUID(0)

Thanks in advance.