1 |
Since I've upgraded to a kernel based on 2.6.27 (2.6.27-hardened-r1), some |
2 |
error messages are logged every time I authenticate myself as root. |
3 |
" |
4 |
Nov 23 10:09:44 hostname grsec: (root:U:/sbin/gradm) denied access to |
5 |
hidden file /root by /sbin/gradm[gradm:7187] uid/euid:0/0 gid/egid:0/0, |
6 |
parent /bin/bash[bash:7033] uid/euid:0/0 gid/egid:0/0 |
7 |
" |
8 |
Role flag "G" is specified for root in order to make this user able to |
9 |
authenticate using gradm. Some directories - including boot - are hidden. |
10 |
No matter if I replace "h" to "hs" for role root, these messages still get |
11 |
logged. If I try to create a policy for gradm, grsec reports, that I've |
12 |
tried to modify an already existing instance - which is probably included |
13 |
because Role flag "G", but the exact contents are hidden. |
14 |
This behavior appeared recently. |
15 |
|
16 |
Did I miss something? |
17 |
Any ideas on this are greatly appreciated. |
18 |
|
19 |
Is it discouraged to authenticate using gradm while logged in as root? |
20 |
|
21 |
Regards, |
22 |
Dw. |
23 |
-- |
24 |
dr Tóth Attila, Radiológus Szakorvos jelölt, 06-20-825-8057, 06-30-5962-962 |
25 |
Attila Toth MD, Radiologist in Training, +36-20-825-8057, +36-30-5962-962 |