Re: FreeBSD trusted execution system: beta testers wanted

From: Oleg Palij (o.palij_at_dp.uz.gov.ua)
Date: 03/16/05

    Date: Wed, 16 Mar 2005 08:54:13 +0200
    To: csjp@FreeBSD.ORG
    
    

    Hi!

    Thanks for developing such an interesting feature :) !

    But I have some problems, which I can't understand.

    # sysctl security.mac.chkexec.enforce=0
    security.mac.chkexec.enforce: 1 -> 0

    # setfhash /usr/local/sbin/logrotate
    # getfhash /usr/local/sbin/logrotate
    /usr/local/sbin/logrotate: sha1 78513a038cd9416f2be710b6732369b96874b364

    # sysctl security.mac.chkexec.enforce=1
    security.mac.chkexec.enforce: 0 -> 1

    # /usr/local/sbin/logrotate
    bash: /usr/local/sbin/logrotate: Operation not permitted

    # getfhash /usr/local/sbin/logrotate
    /usr/local/sbin/logrotate: sha1 78513a038cd9416f2be710b6732369b96874b364

    How can I see what exactly goes wrong???

    Oleg.