Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 359465 - udev does not create /dev/grsec
Summary: udev does not create /dev/grsec
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Anthony Basile
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-03-19 10:18 UTC by Andreis Vinogradovs ( slepnoga )
Modified: 2011-04-16 11:33 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Andreis Vinogradovs ( slepnoga ) 2011-03-19 10:18:58 UTC 
sys-fs/udev-154-r4 does not create /dev/grsec device file in hardened kernel

Reproducible: Always

Steps to Reproduce:
1.configure, compile, install hardened source.
2. Install =sys-apps/gradm-2.2.1.201012301333
3. Reboot.
Actual Results:  
gw linux # ls -alh /dev/gr*
ls: cannot access /dev/gr*: No such file or directory

gw linux #  gradm -F -L /etc/grsec/learning.logs
Could not open /dev/grsec.
open: No such file or directory


gw linux # emerge --info
Portage 2.2.0_alpha27 (hardened/linux/x86, gcc-4.4.5, glibc-2.11.3-r0, 2.6.36-hardened-r9wifi-007-oprofile-grsek i686)
=================================================================
System uname: Linux-2.6.36-hardened-r9wifi-007-oprofile-grsek-i686-Pentium_III_-Coppermine-with-gentoo-1.12.14
Timestamp of tree: Sat, 19 Mar 2011 00:45:01 +0000
app-shells/bash:     4.1_p9
dev-lang/python:     2.6.6-r2, 3.1.3-r1
sys-apps/baselayout: 1.12.14-r1
sys-apps/sandbox:    2.4
sys-devel/autoconf:  2.65-r1
sys-devel/automake:  1.11.1
sys-devel/binutils:  2.20.1-r1
sys-devel/gcc:       4.4.5
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.10
sys-devel/make:      3.81-r2
virtual/os-headers:  2.6.36.1 (sys-kernel/linux-headers)
Repositories: gentoo
Installed sets: 
ACCEPT_KEYWORDS="x86"
ACCEPT_LICENSE="*"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-Os -march=native -pipe -msse -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /var/bind"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-Os -march=native -msse -fomit-frame-pointer -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests binpkg-logs buildpkg distlocks fixlafiles fixpackages metadata-transfer news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv"
FFLAGS=""
GENTOO_MIRRORS="http://gentoo.tups.lv/source"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY=""
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="acl berkdb bzip2 cdb cli cracklib crypt cxx gd gdbm gpm hardened iconv ipv6 logwatch mmx modules mudflap ncurses network nls nptl nptlonly openmp pam pcre perl pic pppd python readline session sse suexec suhosin sysfs syslog tcpd unicode urandom usb x86 xattr xorg zlib" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" APACHE2_MPMS="prefork" CAMERAS="ptp2" COLLECTD_PLUGINS="cpu conntrack interface iptables load memory syslog tail target_notification uptime rrdtool rrdcached apache bind contextswitch df disk irq nginx ntpd processes swap users" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="evdev" KERNEL="linux" NGINX_MODULES_HTTP="access auth_basic autoindex browser charset empty_gif fastcgi geo gzip limit_req limit_zone map memcached proxy referer rewrite scgi split_clients ssi upstream_ip_hash userid uwsgi addition dav flv geoip headers_more image_filter push realip stub_status sub" NGINX_MODULES_MAIL="imap smtp" PHP_TARGETS="php5-3" RUBY_TARGETS="ruby18" USERLAND="GNU" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" 
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Comment 1 taaroa 2011-03-19 19:05:45 UTC 
can you post a copy of your kernel .config please?
Comment 2 Anthony Basile gentoo-dev 2011-03-23 22:31:04 UTC 
Ditto, please post your kernel .config file.

Its probably the case that you don't have rbac enabled.
Comment 3 Anthony Basile gentoo-dev 2011-04-04 20:25:19 UTC 
Okay last call, if this is still an issue, please let us know and give us your .config, otherwise I'll close this in about 1 week,
Comment 4 taaroa 2011-04-16 07:49:13 UTC 
okey. timeout request.
Status RESOLVED or CLOSED
Resolution NEEDINFO or INVALID
Comment 5 Anthony Basile gentoo-dev 2011-04-16 11:33:29 UTC 
I could not confirm this.  Closing invalid.  Please reopen if you can provide the above info.