Gentoo Archives: gentoo-hardened

From:	Markus Bartl <hardened@××××××××××××××××.de>
To:	gentoo-hardened@l.g.o
Subject:	Re: [gentoo-hardened] /etc/init.d/dhcpd start -> error
Date:	Mon, 06 Oct 2008 15:20:11
Message-Id:	`48EA2CA5.7030300@noack-ingenieure.de`
In Reply to:	Re: [gentoo-hardened] /etc/init.d/dhcpd start -> error by brant williams

1
2
3
4
5
6
7	brant williams schrieb:
8	-----BEGIN PGP SIGNED MESSAGE-----
9
10	Hash: SHA256
11
12
13
14	Did you enable any chroot restrictions in the kernel config?
15
16
17
18	brant williams
19
20	FCAA CDCA 20BC 3925 D634� F5C4 7420 6784 4DEB 6002
21
22
23
24
25	On Mon, 6 Oct 2008, Markus Bartl wrote:
26
27
28	Date: Mon, 06 Oct 2008 17:04:15 +0200
29
30	From: Markus Bartl <hardened@××××××××××××××××.de>
31
32	Reply-To: gentoo-hardened@l.g.o
33
34	To: gentoo-hardened@l.g.o
35
36	Subject: [gentoo-hardened] /etc/init.d/dhcpd start -> error
37
38
39	Hi there.
40
41
42	I did a fresh installation with hardened-sources 2.6.25-r7 with pax and
43	grsec (server) enabled.
44
45	After installing dhcpd with configuration to chroot - environment I get
46	the following errors in /var/log/debug:
47
48
49	Oct� 6 16:54:35 odin dhcpd: unable to create icmp socket: Operation not
50	permitted
51
52	...
53
54	Oct� 6 16:54:35 odin dhcpd: Open a socket for LPF: Operation not
55	permitted
56
57
58	/var/log/grsec.log doesnt contain any hints.
59
60
61	Any idea would be welcome.
62
63
64	Kind regards,
65
66	Markus
67
68
69
70
71
72	-----BEGIN PGP SIGNATURE-----
73
74	Version: GnuPG v2.0.9 (GNU/Linux)
75
76
77	iEYEAREIAAYFAkjqKroACgkQdCBnhE3rYAKOggCbBAS3hGsfJwn9YCRGxEyJ4lCA
78
79	mfgAnj6B8Z0uZNpSyL4/7FrWsr9iRfF+
80
81	=pYUj
82
83	-----END PGP SIGNATURE-----
84
85	Hi brant.
86
87	Yes. chroot restrictions are set and no, socket restrictions are not
88	set.
89	Thanks in advance.
90
91	Markus.
92
93
94
95
96
97
98

Subject	Author
Re: [gentoo-hardened] /etc/init.d/dhcpd start -> error	Roman Fulop <ml@××××××××××××××.sk>