Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 41051 - grsecurity-base-policy ebuild breaks dcron
Summary: grsecurity-base-policy ebuild breaks dcron
Status: RESOLVED WORKSFORME
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: x86 Linux
: High normal (vote)
Assignee: The Gentoo Linux Hardened Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-02-09 17:26 UTC by Richard Brooklyn
Modified: 2004-02-21 18:32 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Richard Brooklyn 2004-02-09 17:26:32 UTC
When applying the above-mentioned ebuild, dcron is no longer usable under any user. Including root.

An example of this is when crontab -e is run. The expected result is that nano opens up with the existing crontab entry, ready for the user to edit. However, when grsecurity is enabled, with the grsecurity-base-policy package merged, this error is displayed instead: initgroups failed: $username operation not permitted.

This also affects root user.

When GRSecurity's ACLs are turned off with gradm -D, or the ACL for dcron is removed, the crontab commands work perfectly for all users. It's only when they are applied when the bug is seen.
Comment 1 solar (RETIRED) gentoo-dev 2004-02-10 21:40:45 UTC
those are example acls and I dont exactly have time to keep them up. Please provide a diff to the existing which fix this problem.
Comment 2 solar (RETIRED) gentoo-dev 2004-02-21 18:32:57 UTC
changing resolution to something else..