RSBAC and sshd
364 (n00b)
Joined: 08 Aug 2006
Posts: 1

Posted: Sun Aug 13, 2006 4:36 pm    Post subject: RSBAC and sshd

This is a fresh install. I followed the install docs, handbook and RSBAC. I turned on learning mode for sshd and it starts and stops OK, but when I try to log in, sshd crashes with these two messages in /var/log/messages.
Code:

rsbac_adf_request(): request WRITE, pid 27780, ppid 1, prog_name sshd, prog_file /usr//sbin/sshd, uid 0, remote ip 192.168.68.3, target_type NETOBJ, tid cc04cc80 UNIX STREAM, attr none, value none, result NOT_GRANTED by RC
rsbac_adf_request(): request READ, pid 27781, ppid 1, prog_name sshd, prog_file /usr//sbin/sshd, uid 0, remote ip 192.168.68.3, target_type NETOBJ, tid cc04ce80 UNIX STREAM, attr none, value none, result NOT_GRANTED by RC


The message on the client machine is:
Code:

ssh_exchange_identification: Connection closed by remote host


Running nmap from another machine also causes the same message, different pids and tids.

It looks like something else needs to be changed besides turning on learn mode? I got privoxy to work, but the messages from it only said "NOT_GRANTED by AUTH" (besides a few I will try to fix later).

Jon

kangboo (n00b)
Joined: 02 May 2005
Posts: 9

Posted: Sun Sep 03, 2006 12:10 pm    Post subject:

Hi,

First of all, learning mode only works for a few modules like AUTH.
If you enable hooks for checking network accesses, you need to allow them. For Unix sockets, the upcoming RSBAC version will make it simpler by using them as if they were fd (file) objects.
Right now, you need to make a net template (see http://rsbac.org/documentation/rsbac_handbook/configuration_basics/administration_examples/network_access_control )
to allow this.

Good luck
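
A small triage script for the log lines in the question, added here as an example and not part of either post: it groups NOT_GRANTED decisions by deciding module so that the RC denials, which the reply says learning mode does not cover, stand out. The last three sample lines and the LEARNABLE_MODULES set are constructed for illustration.

```python
import re
from collections import Counter

# Field layout taken from the two rsbac_adf_request() lines in the question.
LINE_RE = re.compile(
    r"rsbac_adf_request\(\): request (?P<request>\S+), pid (?P<pid>\d+), .*?"
    r"prog_name (?P<prog>\S+), .*?target_type (?P<target_type>\S+), "
    r"tid (?P<tid>[^,]+), .*?result (?P<result>\S+) by (?P<module>\S+)"
)
# Assumption from the reply: learning mode covers only a few modules, AUTH among them.
LEARNABLE_MODULES = {"AUTH"}

def parse(line):
    """Return the fields of one rsbac_adf_request() line, or None if it is not one."""
    m = LINE_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    # A NETOBJ tid is "<kernel address> <family> <type>"; the address changes
    # per socket, so only the stable remainder is kept for grouping.
    parts = rec["tid"].split(None, 1)
    rec["object"] = parts[1] if len(parts) == 2 else ""
    return rec

def summarize_denials(lines):
    """Count NOT_GRANTED decisions per (module, program, request, target, object)."""
    counts = Counter()
    for rec in filter(None, map(parse, lines)):
        if rec["result"] == "NOT_GRANTED":
            counts[(rec["module"], rec["prog"], rec["request"],
                    rec["target_type"], rec["object"])] += 1
    return counts

def needs_manual_policy(counts):
    """Denials decided by modules that learning mode will not resolve."""
    return sorted(k for k in counts if k[0] not in LEARNABLE_MODULES)

# First two lines are from the question; the remaining three are constructed.
SAMPLE = [
    "rsbac_adf_request(): request WRITE, pid 27780, ppid 1, prog_name sshd, prog_file /usr//sbin/sshd, uid 0, remote ip 192.168.68.3, target_type NETOBJ, tid cc04cc80 UNIX STREAM, attr none, value none, result NOT_GRANTED by RC",
    "rsbac_adf_request(): request READ, pid 27781, ppid 1, prog_name sshd, prog_file /usr//sbin/sshd, uid 0, remote ip 192.168.68.3, target_type NETOBJ, tid cc04ce80 UNIX STREAM, attr none, value none, result NOT_GRANTED by RC",
    "rsbac_adf_request(): request WRITE, pid 27802, ppid 1, prog_name sshd, prog_file /usr//sbin/sshd, uid 0, remote ip 192.168.68.7, target_type NETOBJ, tid cc04d080 UNIX STREAM, attr none, value none, result NOT_GRANTED by RC",
    "rsbac_adf_request(): request CHANGE_OWNER, pid 3101, ppid 1, prog_name privoxy, prog_file /usr/sbin/privoxy, uid 0, target_type PROCESS, tid 3101, attr owner, value 104, result NOT_GRANTED by AUTH",
    "sshd[27780]: Server listening on 0.0.0.0 port 22.",
]

if __name__ == "__main__":
    for key in needs_manual_policy(summarize_denials(SAMPLE)):
        print("needs explicit policy:", key)
```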