info | 1 May 05:27 2005

EMAIL INACTIVO

TELES & PEREIRA, CONSULTADORIA EM TECNOLOGIAS DE INFORMAÇÃO, Lda.

info <at> teles-pereira.com

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20
campbellm | 2 May 03:36 2005
Picon
Picon

Issue with passing LD variables (LD_ASSUME_KERNEL=2.4.1)

Hi,

I was wondering what LIDS capability blocks passing env variables such
as LD_ASSUME_KERNEL to programs. When I run 'iptables -L' to list my
firewall rules, I get the following error:

May  2 11:33:47 cpanel3 kernel: LIDS:  bash (dev 3:1 inode 128014) pid
817 ppid 17363 uid/gid (0/0) on (pts) : Attempt to give
[LD_ASSUME_KERNEL=2.4.1] to privileged program /sbin/iptables (dev 3:1
inode 16115)

This variable is set in my bash environment.

I have tried enabling CAP_SYS_ADMIN and CAP_SETUID but neither of these
allow it. Does anyone know what capability in LIDS blocks passing such a
variable? 

Cheers,

Campbell

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20
info | 2 May 05:23 2005

EMAIL INACTIVO

TELES & PEREIRA, CONSULTADORIA EM TECNOLOGIAS DE INFORMAÇÃO, Lda.

info <at> teles-pereira.com

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20
Yusuf Wilajati Purna | 2 May 09:20 2005
Picon
Picon

Re: Issue with passing LD variables (LD_ASSUME_KERNEL=2.4.1)

Hi,

> May  2 11:33:47 cpanel3 kernel: LIDS:  bash (dev 3:1 inode 128014) pid
> 817 ppid 17363 uid/gid (0/0) on (pts) : Attempt to give
> [LD_ASSUME_KERNEL=2.4.1] to privileged program /sbin/iptables (dev 3:1
> inode 16115)
> 
> This variable is set in my bash environment.
> 
> I have tried enabling CAP_SYS_ADMIN and CAP_SETUID but neither of these
> allow it. Does anyone know what capability in LIDS blocks passing such a
> variable? 

Try to enable CAP_SYS_PTRACE.

Regards,
purna

--

-- 
Yusuf Wilajati Purna <ywpurna <at> users.sourceforge.net>
1024D/7354A078
Key fingerprint = 7F4F 8433 C65F 3502 BC93  F529 BFDE F939 7354 A078

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20
info | 3 May 20:23 2005

EMAIL INACTIVO

TELES & PEREIRA, CONSULTADORIA EM TECNOLOGIAS DE INFORMAÇÃO, Lda.

info <at> teles-pereira.com

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20
James Z. Li | 3 May 05:24 2005
Picon

Re: catnot open /proc/sys/lids/locks

I met the same problem a couple of times. You can try:
First, rebuild the kernel and re-install lids-tools. 
BEFORE reboot your machine, please do:
enable all capabilities in lids.cap and lids.boot.cap
remove all configurations in lids.conf and lids.boot.conf
set  ACL_DISCOVERY=1  in lids.ini
Finally, you reboot the machine.
Hopefully,  "lidsadm -I" and "lidsadm -S  ..." will not prompt 
that open lock error

James

On 4/27/05, dreamping shao <dreamping.shao <at> gmail.com> wrote:
> i have installed lids2.2.6.1 without outputing error,
> after rebooting the computer,
> i can't see any files in /boot except kernel.h
> i think it indicate that lids is active,
> but why i can enter /etc/lids?
> also ,when i command:
> #lidsadm -S -- +LIDS  or
> #lidsadm -S -- -LIDS
> there are the same errors ,
> SWITCH
> open: No such file or directory
> lidsadm : cannot open /proc/sys/lids/locks
> 
> -------------------------------------------------------
> SF.Net email is sponsored by: Tell us your software development plans!
> Take this survey and enter to win a one-year sub to SourceForge.net
> Plus IDC's 2005 look-ahead and a copy of this survey
(Continue reading)

info | 4 May 05:20 2005

EMAIL INACTIVO

TELES & PEREIRA, CONSULTADORIA EM TECNOLOGIAS DE INFORMAÇÃO, Lda.

info <at> teles-pereira.com

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20
root | 4 May 22:10 2005
Picon

Problemas com o e-mail

O email madmax <at> radmin.com nao existe no servidor.

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20
info | 5 May 05:20 2005

EMAIL INACTIVO

TELES & PEREIRA, CONSULTADORIA EM TECNOLOGIAS DE INFORMAÇÃO, Lda.

info <at> teles-pereira.com

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20
root | 5 May 15:48 2005
Picon

Problemas com o e-mail

O email jim <at> xnet.ro nao existe no servidor.

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20

Gmane