http://qa.mandrakesoft.com/show_bug.cgi?id=2933

[EMAIL PROTECTED] changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Version|0.38-2mdk                   |0.38-3mdk



------- Additional Comments From [EMAIL PROTECTED]  2003-03-13 09:46 -------
easily reproducible:
  
1. set enable_promisc_check(1) in /etc/security/msec/level.local  
  
2. execute msec (with no parameters)  
Activating periodic promiscuity check  
Mar 13 09:38:04 pcpc msec: appended in /etc/cron.d/msec the line:  
Mar 13 09:38:04 pcpc msec: */1 * * * *    root    /usr/share/msec/promisc_check.sh  
  
3. set enable_promisc_check(0) in /etc/security/msec/level.local  
4. execute msec (with no parameters)  
  
nothing in the syslog  
/etc/cron.d/msec still contains the previously added line  
  
thus it is impossible to revert the change on 1  
 
the major consequence is the syslog pollution once a minute with: 
Mar 13 09:46:00 pcpc CROND[12451]: (root) CMD (   /usr/share/msec/promisc_check.sh)






------- Reminder: -------
assigned_to: [EMAIL PROTECTED]
status: UNCONFIRMED
creation_date: 
description: 
- I am using a personal msec level.
- I did msec 4 once 
- I did msec 3 after 
- I set up a level.local like this one : 
 
from mseclib import * 
allow_autologin(0) 
allow_user_list(0) 
allow_xserver_to_listen(0) 
enable_at_crontab(0) 
enable_dns_spoofing_protection(1,1) 
enable_ip_spoofing_protection(1,1) 
enable_log_strange_packets(1) 
accept_bogus_error_responses(1) 
enable_msec_cron(1) 
enable_pam_wheel_for_su(1) 
enable_promisc_check(1) 
enable_security_check(1) 
no_password_aging_for('root') 
no_password_aging_for('pascal') 
no_password_aging_for('ivan') 
password_aging(180, 10) 
password_history(10) 
password_length(7) 
set_shell_timeout(0) 
set_shell_history_size(-1) 
 
- I have erased /etc/cron.d/msec 
- I run msec (without any parameter) 
- the syslog shows : 
Mar  7 21:55:54 spirit msec: ### Program is starting ###
Mar  7 21:55:54 spirit msec: Reading local rules from /etc/security/msec/level.local
Mar  7 21:55:54 spirit msec: Forbidding the X server to listen to tcp connection
Mar  7 21:55:54 spirit msec: Allowing chkconfig --add from rpm
Mar  7 21:55:54 spirit msec: Setting password maximum aging for new user to 180
Mar  7 21:55:54 spirit msec: Setting password maximum aging for root and users with id greater than 500 to 180 and delay to 10 days
Mar  7 21:55:54 spirit msec: User root in password aging exception list
Mar  7 21:55:54 spirit msec: User pascal in password aging exception list
Mar  7 21:55:54 spirit msec: Activating periodic promiscuity check
Mar  7 21:55:54 spirit msec: appended in /etc/cron.d/msec the line:
Mar  7 21:55:54 spirit msec: */1 * * * *    root    /usr/share/msec/promisc_check.sh
Mar  7 21:55:55 spirit msec: Allowing reboot to the console user
Mar  7 21:55:55 spirit msec: Writing config files and then taking needed actions
Mar  7 21:55:55 spirit msec: Fixing owners and permissions of files and directories
Mar  7 21:55:55 spirit msec: Reading data from /usr/share/msec/perm.3
Mar  7 21:55:55 spirit msec: Reading data from /etc/security/msec/perm.local
Mar  7 21:56:00 spirit crond[1729]: (*system*) RELOAD (/etc/cron.d/msec)
Mar  7 21:56:00 spirit CROND[6768]: (root) CMD (   /usr/share/msec/promisc_check.sh)
Mar  7 21:57:00 spirit CROND[6783]: (root) CMD (   /usr/share/msec/promisc_check.sh)
 
OK now I want to get rid of promisc_check
- I edit level.local and change to enable_promisc_check(0) 
- I run msec (no parameters) 
- syslog shows : 
 
Mar  7 21:58:35 spirit msec: ### Program is starting ###
Mar  7 21:58:35 spirit msec: Reading local rules from /etc/security/msec/level.local
Mar  7 21:58:35 spirit msec: Forbidding the X server to listen to tcp connection
Mar  7 21:58:35 spirit msec: Allowing chkconfig --add from rpm
Mar  7 21:58:35 spirit msec: Setting password maximum aging for new user to 180
Mar  7 21:58:35 spirit msec: Setting password maximum aging for root and users with id greater than 500 to 180 and delay to 10 days
Mar  7 21:58:35 spirit msec: User root in password aging exception list
Mar  7 21:58:35 spirit msec: User pascal in password aging exception list
Mar  7 21:58:36 spirit msec: Allowing reboot to the console user
Mar  7 21:58:36 spirit msec: Writing config files and then taking needed actions
Mar  7 21:58:36 spirit msec: Fixing owners and permissions of files and directories
Mar  7 21:58:36 spirit msec: Reading data from /usr/share/msec/perm.3
Mar  7 21:58:36 spirit msec: Reading data from /etc/security/msec/perm.local
Mar  7 21:59:00 spirit CROND[6808]: (root) CMD (   /usr/share/msec/promisc_check.sh)
 
so disabling promisc check once it has been enabled does NOT work 
the file /etc/cron.d/msec always contains : 
# cat /etc/cron.d/msec 
*/1 * * * *    root    /usr/share/msec/promisc_check.sh
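
A check for the mismatch reported above, added here as an example; it is not part of the bug report or of msec itself. The function names are hypothetical, and it assumes that the last `enable_promisc_check(...)` call in `level.local` is the one that takes effect.

```shell
#!/bin/sh
# Added example: compare the promisc check setting in level.local with what
# is actually scheduled in /etc/cron.d/msec. Function names are hypothetical.

# Print the argument (0 or 1) of the last uncommented enable_promisc_check()
# call; prints nothing if the file has no such call or cannot be read.
# Assumption: the last call in the file is the effective one.
promisc_setting() {
    sed -n 's/^[[:space:]]*enable_promisc_check([[:space:]]*\([01]\)[[:space:]]*).*/\1/p' \
        "$1" 2>/dev/null | tail -n 1
}

# Succeed if the cron file has an active (not commented out) line that runs
# promisc_check.sh.
cron_has_promisc() {
    grep -Eq '^[[:space:]]*[^#[:space:]].*promisc_check\.sh' "$1" 2>/dev/null
}

# Print one of: stale, missing, unset, consistent.
# Paths default to the ones named in the report; pass copies to test safely.
check_promisc_state() {
    level=${1:-/etc/security/msec/level.local}
    cron=${2:-/etc/cron.d/msec}
    want=$(promisc_setting "$level")
    if cron_has_promisc "$cron"; then have=1; else have=0; fi
    case "$want:$have" in
        0:1) echo "stale" ;;       # the reported state: disabled, cron line left behind
        1:0) echo "missing" ;;     # enabled, but nothing scheduled
        :*)  echo "unset" ;;       # level.local never sets the option
        *)   echo "consistent" ;;
    esac
}

check_promisc_state "$@"
```

On a system in the state described in the report this prints `stale`.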