My tip: Check your "role root". Does it look something like this: >>> role root uG role_transitions admin <<<
If not, than please read the manual. Also check your "role admin" It should contain someting like this: >>> role admin sA subject / rvka <<< Please study the avaiable options. Regards, Dw. -- dr Tóth Attila, Radiológus Szakorvos jelölt, 06-20-825-8057, 06-30-5962-962 Attila Toth MD, Radiologist in Training, +36-20-825-8057, +36-30-5962-962 On Szo, November 18, 2006 14:44, kakou wrote: > Hello, > I have installed grsecurity and obtained a policy with grlearn. > When I use gradm -a admin, I have this error in log : > > (root:U:/sbin/gradm) use of CAP_SYS_ADMIN denied > for /sbin/gradm[gradm:4373] uid/euid:0/0 gid/egid:0/0, > parent /bin/bash[bash:10954] uid/euid:0/0 gid/egid:0/0 > > I have no subject for "/sbin/gradm" for the role root and if I try to > add this subject, I have an error because this subject already exist > (???). > Moerover any subject is a simlinks to "/sbin/gradm". > > I have this error (but all is running fine :)) on two server. > The first one with a tweaked policy and the second one with the default > policy obtained with grlearn. > > Someone has an idea? > > > Kakou > -- [email protected] mailing list
