Justinas S. wrote:
Hi Sandino,
Thanks for your reply. Do you have any suggestions how I can
solve my problem?
More details:
After (on main system - not vserver, after building kernel, compiling gradm and
rebooting)
# gradm -E
# gradm -a
Password:
Could not open /proc/sys/kernel/grsecurity/acl
open: Permission denied
Kernel log shows this:
Mar 30 09:31:47 alus2 kernel: grsec: From 192.168.1.2: use of CAP_SYS_ADMIN denied for (gradm:1374) UID(0) EUID(0), parent (bash:706) UID(0) EUID(0)
(why it's denied? It never happens in grsec+gradm only)
I have not much experience with ACLs but seems like you are dropping the
CAP_SYS_ADMIN cappability at some point.
I used 2 different patches of vs+grsec:
http://www.sandino.net/parches/vserver/linux-2.4.25-grsec-1.9.14-vserver-1.26.patch.gz
http://www.firehead.org/~jeffrey/linux-vserver/grsecurity-1.9.14-2.4.25-vs1.26.patch
and message was the same.
--
Sandino Araico Sánchez
-- Melón se comió las plumas....
_______________________________________________
Vserver mailing list
[EMAIL PROTECTED]
http://list.linux-vserver.org/mailman/listinfo/vserver
