Page 1 of 1

Enabling RBAC from Non-Root User

PostPosted: Wed Jun 29, 2011 3:16 am
by skylearner
Hi

I have logged into my system with a non-root user credentials. I have also checked the RBAC status with "gradm -S". It says
Code: Select all
[user1@osndev6 dev]$ gradm -S
The RBAC system is currently disabled.


Now I have given "gradm -E" to unable RBAC. I am getting the following error.

Code: Select all
[user1@osndev6 dev]$ gradm -E
Error changing directory to /etc/grsec
Error: Permission denied

I need to log into root to enable or disable RBAC. But my requirement is to be able to enable and disable RBAC from any user ( root or non-root) Please do let me know what I need to resolve this.

Thanks
Skylearner

PS : I have added "G" in the role mode for this user

Re: Enabling RBAC from Non-Root User

PostPosted: Wed Jun 29, 2011 8:02 pm
by spender
The RBAC system cannot be enabled by a non-root user. To allow such a thing would be a security risk (you could deny other users access to their own files, and prevent root from stopping you).

-Brad

Re: Enabling RBAC from Non-Root User

PostPosted: Mon Jul 04, 2011 2:56 am
by skylearner
Thank you MR Spender