
List:       lids-user
Subject:    Re: [lids-user] Persisting "lidsadm: cannot read /proc/sys/lids/locks" problem.
From:       omok () honto ! info (Kazuki Omo)
Date:       2006-05-29 6:48:49
Message-ID: 20060529064849.GA9268 () dawn ! internal ! honto ! info

Hi,

Also, if you can remove (or comment out) the "if (status == 3)" line below

--- /tmp/lidstools-2.2.7/src/lidsadm.c	2006-05-29 15:39:16.000000000 +0900
+++ /home/omok/work/lidstools-2.2.7/src/lidsadm.c	2006-05-26 17:40:23.000000000 +0900
@@ -54,7 +54,6 @@
 exit_error(int status, const char *msg)
 {
 	fprintf(stderr, "lidsadm: %s\n", msg);
-	if (status == 3)
 		perror("reason:");
 	printf("\n");
 	exit(status);
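
Review bot: with the "if (status == 3)" guard removed, perror("reason:") now runs for every caller of exit_error(), including exits that were not caused by a failed system call, so errno may be stale or zero at that point and the "reason" line can be misleading. This is fine as a one-off debugging build, but it should not go in as a permanent change. If the aim is to always show the cause, save errno on entry (for example "int saved = errno;") before the fprintf(stderr, ...) call, since that call runs first and may overwrite errno, and print the saved value only when it is non-zero. Two smaller points on the same lines: perror() appends its own ": ", so the "reason:" prefix prints a doubled colon, and the perror line keeps the extra tab of indentation it had under the removed "if".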

in lidstools-2.2.7/src/lidsadm.c, maybe you will get some error
code when you try to use "lidsadm -S -- -LIDS".

I've seen the same situation before, but I can't figure out how to solve
the problem. At that time, I just removed/re-installed the kernel and
lidstools several times.

OMO

On Mon, May 29, 2006 at 08:30:32AM +0200, Sander Klein wrote:
> Hi,
> 
> could you send me your kernel .config. Maybe I can have a look.
> 
> Regards,
> 
> Sander
> 
> On Thu, May 25, 2006 21:45, Alexandros Stergiakis said:
> > Omo, thanks again, but none of your proposals worked for me, either
> > independently or in combination.
> >
> > However, this session might give you some hints about what might be
> > happening:
> >
> > ~ $ vi /etc/lids/lids.ini
> > ~ $ lidsconf -A -s /sbin/lidsadm -o /proc -j READONLY
> > lidsconf: You must protect the object file /proc or its directory as
> > READONLY o.
> > ~ $ lidsconf -A -o /proc -j READONLY
> > Added 1 ACL
> > ~ $ lidsconf -A -s /sbin/lidsadm -o /proc -j READONLY
> > Added 1 ACL
> > ~ $ lidsconf -U; lidsconf -U BOOT; lidsconf -U POSTBOOT; lidsconf -U
> > SHUTDOWN
> > object file /sbin was (3:2 inode 177107) instead of (0:11 98). corrected.
> > object file /bin was (3:2 inode 177093) instead of (0:11 75). corrected.
> > object file /lib was (3:2 inode 177103) instead of (0:11 77). corrected.
> > object file /usr was (3:2 inode 16097) instead of (0:11 73). corrected.
> > object file /etc was (3:2 inode 32194) instead of (0:12 29). corrected.
> > object file /etc/lids was (3:2 inode 57966) instead of (0:12 683).
> > corrected.
> > object file /etc/shadow was (3:2 inode 32672) instead of (0:12 681).
> > corrected.
> > object file /var/log was (3:5 inode 16065) instead of (0:15 64).
> > corrected.
> > object file /var/log/wtmp was (3:5 inode 16102) instead of (0:15 256).
> > correcte.subject file /bin/login was (3:2 inode 177942) instead of (0:11
> > 242). corrected.object file /etc/shadow was (3:2 inode 32672) instead of
> > (0:12 681). corrected.
> > subject file /bin/su was (3:2 inode 177825) instead of (0:11 700).
> > corrected.
> > object file /etc/shadow was (3:2 inode 32672) instead of (0:12 681).
> > corrected.
> > subject file /bin/login was (3:2 inode 177942) instead of (0:11 242).
> > corrected.object file /lib was (3:1 inode 77521) instead of (0:11 77).
> > corrected.
> > /sbin/depmod doesn't exist anymore. not removed.
> > object file /lib was (3:1 inode 77521) instead of (0:11 77). corrected.
> > object file /etc was (3:2 inode 32194) instead of (0:12 29). corrected.
> > ~ $ lidsconf -C
> > [STATE: 0] /etc/lids/lids.conf
> > [STATE: 1] /etc/lids/lids.boot.conf
> > ACL Discovery is ON
> > Compiling into /etc/lids/lids.boot.acl
> > Total 15 ACLs
> >
> > [STATE: 2] /etc/lids/lids.postboot.conf
> > ACL Discovery is ON
> > Compiling into /etc/lids/lids.postboot.acl
> > Total 14 ACLs
> >
> > [STATE: 3] /etc/lids/lids.shutdown.conf
> > ACL Discovery is ON
> > Compiling into /etc/lids/lids.shutdown.acl
> > Total 14 ACLs
> >
> > ~ $ lidsconf -P
> > enter new password:
> > reenter new password:
> > wrote password to /etc/lids/lids.pw
> > ~ $ modprobe lids
> > LIDS: Initializing...
> > LIDS: Initializing sysctl
> > LIDS: Initializing LIDS ACLs
> > LIDS: user space is 32 bit
> > LIDS: lidsadm inode 0x2bb dev 0x0:b
> > LIDS: ACL Discovery: ON, Effective Capability: 7fffffff, Total ACLs
> > Count: 15
> > LIDS: GLOBAL and BOOT state configuration files loaded
> > LIDS: Entering BOOT state
> > LIDS: Linux Intrusion Detection System 2.2.2 started
> > LIDS: Attaching LIDS ACL to Processes
> > LIDS: Finished setting up.
> > ~ $ lidsadm -I
> > INITLIDS: lidsadm (dev 7:2 inode 5) pid 620 ppid 606 uid/gid (0/0) on
> > (ttyS0) :
> >
> > LIDS_ACL_DISCOVERY:[state 1]5:7340034:lidsadm:7:0:-268434980:3:locks:0-0
> > LIDS: lidsadm (dev 7:2 inode 5) pid 620 ppid 606 uid/gid (0/0) on
> > (ttyS0) : Att
> > read: Operation not permitted
> > lidsadm: cannot read /proc/sys/lids/locks
> >
> > ~ $ lidsadm -V
> > VIEWLIDS: lidsadm (dev 7:2 inode 5) pid 621 ppid 606 uid/gid (0/0) on
> > (ttyS0) :s
> > LIDS_ACL_DISCOVERY:[state 1]5:7340034:lidsadm:7:0:-268434980:3:locks:0-0
> > LIDS: lidsadm (dev 7:2 inode 5) pid 621 ppid 606 uid/gid (0/0) on
> > (ttyS0) : Attsread: Operation not permitted
> > lidsadm: cannot read /proc/sys/lids/locks
> >
> > ~ $
> >
> > I also tried:
> > lidsconf -A -o /proc -j WRITE
> > The complete output just before issuing these commands (just in case you
> > notice anything)
> >
> > PC Engines WRAP.1C/1D/1E v1.08
> > 640 KB Base Memory
> > 130048 KB Extended Memory
> >
> > 01F0 Master 848A HYPERSTONE FLASH DISK
> > Phys C/H/S 991/8/32 Log C/H/S 991/8/32
> >
> > SYSLINUX 2.11 2004-08-16 Copyright (C) 1994-2004 H. Peter Anvin
> > boot:
> > Loading linux..............
> > Loading initrd..............
> > Ready.
> > Linux version 2.6.14.7-aspisos (aspisap@alsterg) (gcc version 4.1.0) #1
> > Tue MayuBIOS-provided physical RAM map:
> > BIOS-e820: 0000000000000000 - 00000000000a0000 (usable)
> > BIOS-e820: 00000000000f0000 - 0000000000100000 (reserved)
> > BIOS-e820: 0000000000100000 - 0000000008000000 (usable)
> > BIOS-e820: 00000000fff00000 - 0000000100000000 (reserved)
> > 128MB LOWMEM available.
> > DMI not present.
> > Allocating PCI resources starting at 10000000 (gap: 08000000:f7f00000)
> > Built 1 zonelists
> > Kernel command line: initrd=initrd root=/dev/ram0 init=/linuxrc ro
> > console=ttyS
> > Initializing CPU#0
> > PID hash table entries: 1024 (order: 10, 16384 bytes)
> > Detected 265.774 MHz processor.
> > Using tsc for high-res timesource
> > Dentry cache hash table entries: 32768 (order: 5, 131072 bytes)
> > Inode-cache hash table entries: 16384 (order: 4, 65536 bytes)
> > Memory: 126864k/131072k available (1123k kernel code, 3748k reserved,
> > 117k data)Checking if this processor honours the WP bit even in
> > supervisor mode... Ok.
> > Calibrating delay using timer specific routine.. 532.54 BogoMIPS
> > (lpj=2662735)
> > Security Framework v1.0.0 initialized
> > Mount-cache hash table entries: 512
> > CPU: Geode by NSC Geode(TM) Integrated Processor by National Semi
> > stepping 00
> > Checking 'hlt' instruction... OK.
> > checking if image is initramfs...it isn't (bad gzip magic numbers);
> > looks like dFreeing initrd memory: 756k freed
> > NET: Registered protocol family 16
> > PCI: PCI BIOS revision 2.10 entry at 0xfc44b, last bus=0
> > PCI: Using configuration type 1
> > usbcore: registered new driver usbfs
> > usbcore: registered new driver hub
> > PCI: Probing PCI hardware
> > PCI: Probing PCI hardware (bus 00)
> > PCI: Device 0000:00:12.5 not found by BIOS
> > squashfs: version 3.0 (2006/03/15) Phillip Lougher
> > Initializing Cryptographic API
> > Real Time Clock Driver v1.12
> > Serial: 8250/16550 driver $Revision: 1.90 $ 2 ports, IRQ sharing disabled
> > ttyS0 at I/O 0x3f8 (irq = 4) is a NS16550A
> > io scheduler noop registered
> > io scheduler deadline registered
> > RAMDISK: wrong blocksize 65536, reverting to defaults
> > RAMDISK driver initialized: 8 RAM disks of 1024K size 1024 blocksize
> > loop: loaded (max 240 devices)
> > natsemi dp8381x driver, version 1.07+LK1.0.17, Sep 27, 2002
> > originally by Donald Becker <becker@scyld.com>
> > http://www.scyld.com/network/natsemi.html
> > 2.4.x kernel port by Jeff Garzik, Tjeerd Mulder
> > natsemi eth0: NatSemi DP8381[56] at 0x80040000 (0000:00:0e.0),
> > 00:0d:b9:01:d5:6.natsemi eth1: NatSemi DP8381[56] at 0x80080000
> > (0000:00:10.0), 00:0d:b9:01:d5:6.Uniform Multi-Platform E-IDE driver
> > Revision: 7.00alpha2
> > ide: Assuming 33MHz system bus speed for PIO modes; override with
> > idebus=xx
> > hda: HYPERSTONE FLASH DISK, CFA DISK drive
> > ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
> > hda: max request size: 128KiB
> > hda: 253696 sectors (129 MB) w/0KiB Cache, CHS=991/8/32
> > hda: cache flushes not supported
> > hda: unknown partition table
> > NET: Registered protocol family 2
> > IP route cache hash table entries: 2048 (order: 1, 8192 bytes)
> > TCP established hash table entries: 8192 (order: 3, 32768 bytes)
> > TCP bind hash table entries: 8192 (order: 3, 32768 bytes)
> > TCP: Hash tables configured (established 8192 bind 8192)
> > TCP reno registered
> > ip_conntrack version 2.3 (1024 buckets, 8192 max) - 236 bytes per
> > conntrack
> > ip_tables: (C) 2000-2002 Netfilter core team
> > arp_tables: (C) 2002 David S. Miller
> > TCP bic registered
> > NET: Registered protocol family 1
> > NET: Registered protocol family 17
> > Bridge firewalling registered
> > Using IPI Shortcut mode
> > RAMDISK: squashfs filesystem found at block 0
> > RAMDISK: Loading 756KiB [1 disk] into ram disk... done.
> > VFS: Mounted root (squashfs filesystem) readonly.
> > Freeing unused kernel memory: 96k freed
> > init started: BusyBox v1.1.0 (2006.05.21-19:29+0000) multi-call binary
> > * Checking for any new Add-Ons..
> > hda: unknown partition table
> > * Loading Modules..
> >>>> lids_default-policy.mod
> >>>> lids_tools.mod
> >>>> linux.base.mod
> >>>> linux.crypto.mod
> >>>> linux.watchdog.wd1100.mod
> >>>> modules_init_tools-depmod.mod
> >>>> pax_tools.mod
> > * Setting up Root (/) filesystem..
> > Registering unionfs 1.1.4
> > * Setting up /etc..
> > * Setting up /var..
> > * Setting up /lib/modules..
> > * Loading User Settings..
> > * Moving to the new merged filesystem..
> > * Initializing all services..
> >
> > * Mounting filesystems
> >>>> /proc: OK
> >>>> /sys: OK
> >>>> /dev/pts: OK
> >>>> /tmp: OK
> >>>> /root/.ssh: OK
> > * Setting hostname: OK
> > * Setting loopback interface: OK
> > * Initializing random number generator: OK
> > * Activating sysloging
> > * Activating watchdog (10 sec)
> > SC1x00 Watchdog driver by Inprimis Technolgies.
> > wd1100.c: a few hacks by erich.titl@think.ch
> > * Computing module dependencies...
> > * Loading modules
> > * Assigning IPs to interfaces...
> > eth0: DSPCFG accepted after 0 usec.
> > eth0: link up.
> > eth0: Setting full-duplex based on negotiated link capability.
> > * Starting telnet daemon
> > * Starting crond..
> > * Enabling syncookies protection
> > * Disabling ICMP redirects for security reasons
> > * Disabling source routi
> >
> >
> > Powered by AspisOS.
> >
> > aspisos login: root
> > Password:
> >
> >>>alex
> >>>
> >>>
> >
> >
> > -------------------------------------------------------
> > All the advantages of Linux Managed Hosting--Without the Cost and Risk!
> > Fully trained technicians. The highest number of Red Hat certifications in
> > the hosting industry. Fanatical Support. Click to learn more
> > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=107521&bid=248729&dat=121642
> > _______________________________________________
> > lids-user mailing list
> > lids-user@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/lids-user
> >
> >
> 
> 
> 

-- 
Kazuki Omo: omok@honto.info
LIDS Japanese Information:
Japanese: http://www.selinux.gr.jp/LIDS-JP/index.html
English:  http://www.selinux.gr.jp/LIDS-JP/LIDS_en/index.html

