Re: bsdextended mac module question

2005-06-29 Thread Kövesdán Gábor



> I think you'll need to allow stat permission too - say rxs not
> just rx.
>
> You may also want to think about what this rule does to /tmp.
>
> David.


Works fine in this way, thanks.

Cheers,

Gábor Kövesdán
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]


bsdextended mac module question

2005-06-27 Thread Kövesdán Gábor

Hello,

I am trying to make a bsdextended mac policy and when I add the following
rule, I can't log in with a simple user:


ugidfw add subject not uid root object uid root mode rx

This rule is for protecting root's files from others in any case.
And I've got the following message:

/libexec/ld-els.so.1: Cannot fstat /lib/libedit.so.4
Jun 27 10:36:25 localhost login: _secure_path: cannot stat /etc/login.conf: Permission denied


What's wrong?

Btw, could somebody tell me what the "a" mode means in bsdextended rules?

Thanks,

Gábor Kövesdán


Re: bsdextended mac module question

2005-06-27 Thread David Malone
On Mon, Jun 27, 2005 at 10:45:35AM +0200, Kövesdán Gábor wrote:
> Hello,
>
> I try to make a bsdextended mac policy and when I add the following
> rule, I can't login with a simple user:
>
> ugidfw add subject not uid root object uid root mode rx

I think you'll need to allow stat permission too - say rxs not
just rx.

You may also want to think about what this rule does to /tmp.

David.
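
As an added illustration (not part of the thread and not FreeBSD code), the Python sketch below models how the single rule from the question treats a non-root login under mode rx and under rxs. The mode letters follow ugidfw(8); the uid gabor, the access list, and root ownership of /etc, /lib and /tmp are assumptions made for the example.

```python
import re

# Mode letters as described in ugidfw(8):
# a = administrative ops, r = read, s = file attributes (stat), w = write, x = execute
RULE_RE = re.compile(
    r"(?:ugidfw\s+add\s+)?"
    r"subject\s+(?P<snot>not\s+)?uid\s+(?P<suid>\S+)\s+"
    r"object\s+(?P<onot>not\s+)?uid\s+(?P<ouid>\S+)\s+"
    r"mode\s+(?P<mode>[arswxn]+)\s*$"
)

def parse_rule(text):
    """Parse the uid-only subset of the rule syntax used in this thread."""
    m = RULE_RE.match(text.strip())
    if m is None:
        raise ValueError("unsupported rule: %r" % text)
    return {
        "snot": bool(m["snot"]), "suid": m["suid"],
        "onot": bool(m["onot"]), "ouid": m["ouid"],
        "mode": set(m["mode"]) - {"n"},   # n = no access at all
    }

def rule_allows(rule, subject_uid, object_uid, wanted):
    """True if this one rule does not deny the access."""
    subj_match = (subject_uid == rule["suid"]) != rule["snot"]
    obj_match = (object_uid == rule["ouid"]) != rule["onot"]
    if not (subj_match and obj_match):
        return True   # rule does not apply; ordinary file permissions still decide
    return set(wanted) <= rule["mode"]

# Constructed accesses: (description, owner of the object, mode letters needed).
# Assumes /etc, /lib and /tmp are owned by root, as on a default install.
ACCESSES = [
    ("stat /etc/login.conf", "root", "s"),
    ("fstat /lib/libedit.so.4", "root", "s"),
    ("read /lib/libedit.so.4", "root", "r"),
    ("create a file in /tmp", "root", "w"),
    ("read own ~/.profile", "gabor", "r"),   # hypothetical user and file
]

def report(rule_text, subject_uid):
    """Map each sample access to True (not denied) or False (denied)."""
    rule = parse_rule(rule_text)
    return {name: rule_allows(rule, subject_uid, owner, need)
            for name, owner, need in ACCESSES}

if __name__ == "__main__":
    for mode in ("rx", "rxs"):
        text = "ugidfw add subject not uid root object uid root mode " + mode
        print(mode, report(text, "gabor"))
```

In this model the two stat-type accesses from the error messages are refused under rx and pass under rxs, while creating a file in a root-owned /tmp still needs w and is refused either way.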