Borsenkow Andrej <[EMAIL PROTECTED]> writes: > On 14 May 2002, Guillaume Cottenceau wrote: > > > Borsenkow Andrej <[EMAIL PROTECTED]> writes: > > > > > Obviously grsecurity does not like what happens during initrd stage: > > > > > > VFS: Mounted root (ext2 filesystem). > > > grsec: mount . to / by (swapper:9) UID(0) EUID(0), parent (swapper:1) > > > UID(0) EUID(0) > > > grsec: denied attempt to mount (/proc) as /proc from chroot jail (01:00:2) > > > of 0.0 by (linuxrc:9) UID(0) EUID(0), parent (swapper:1) UID(0) EUID(0) > > > grsec: more denied mounts in chroot, logging disabled for 30 seconds > > > > ???? fuck grsec!! i need those mounts. > > > > Juan, what happened to GRKERNSEC_SYSCTL??? > > [root@gw grsecurity]# grep GRKERNSEC_SYSCTL /boot/config > [root@gw grsecurity]# > bor@cooker:/usr/src/linux-2.4.18-13mdk/grsecurity%> grep SYSCTL * > if [ "$CONFIG_SYSCTL" != "n" ]; then > bool 'Sysctl support' CONFIG_GRKERNSEC_SYSCTL > > gc, with this option you can temporarily sysctl -w > kernel.grsecurity.chroot_deny_mount=0 before chrooting and then revert it > back (of course you can use proper syscall). Unless chroot happens before > entering linuxrc :(
AFAIK there is no explicit chroot in linuxrc/initrd. Can it be when the kernel mounts and runs the initrd, it uses an implicit chroot for that? -- Guillaume Cottenceau - http://people.mandrakesoft.com/~gc/
