Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: red hat check error log
Operating Systems Linux red hat check error log Post 302202976 by sysgate on Friday 6th of June 2008 07:49:30 AM
Old 06-06-2008
Typing 'dmesg' should provide you with most of that information.
 

9 More Discussions You Might Find Interesting

1. Linux

red hat ee 2.6.9-42

hello. I would be greatfull if someone could tell me how will i see what dns server and gateway my red hat server uses. I tryied to find out by typing ifconfig command but i got : -bash: ifconfig: command not found , although man ifonconfig gives output with info about using that command. Is... (3 Replies)
Discussion started by: tonijel
3 Replies

2. Red Hat

Buffer I/O error in red hat linux boot up

I get error message when boot up red hat linux Buffer I/O error on device hdc ,logical block XX ... /dev/hdc:read failed after 0 of 2048 at 0 : input/output error ..... I paste the /etc/fstab file in here /dev/hdc is cdrom How can I fix it Please advice # cat /etc/fstab # This file... (3 Replies)
Discussion started by: chuikingman
3 Replies

3. Red Hat

"ERROR : failed to mount nfs source" Red Hat Kickstart

Hi There, I have been googling for this error and try solution provided but still not avail to resolve Kickstart Issue. Any expert have encounter this problem? Thanks. Regards, Regmaster (4 Replies)
Discussion started by: regmaster
4 Replies

4. Red Hat

Oracle Listener Error on Red hat 5

Hello everybody, the reason why im posting this thread is because i've installed an oracle test database on RHEL 5, on a localhost (Since it is for test)... the thing is, after i have installed the DB it works just fine, but after i re start it, i get the following errors when i want to go into the... (5 Replies)
Discussion started by: blacksteel1988
5 Replies

5. UNIX for Dummies Questions & Answers

how to know if i use "Red Hat Enterprise Linux" or "Red Hat Desktop" ?

how to know if i use "Red Hat Enterprise Linux" or "Red Hat Desktop" ? (2 Replies)
Discussion started by: ahmedamer12
2 Replies

6. Red Hat

collect red hat linux error logs

Hi, I have two questions,first of all is where can I collect more error logs(the log under /var/log/messages), also give the corresponding explain is grateful.The second one is the log under various versions(such as red hat,suse,etc) is the same or not. Thanks for answers. (1 Reply)
Discussion started by: zhaoyy
1 Replies

7. Linux

Error on smbclient login on Red Hat

I have the smbclient installed and I am able to see information from the '-L' option. But when I attempt to login I'm getting the "NT_STATUS_BAD_NETWORK_NAME". I was hoping for help, because I'm not sure what is supposed to go into the smb.conf file. My goal is to transfer files from my Linux... (2 Replies)
Discussion started by: islanderman
2 Replies

8. Programming

Openlog and syslog in red-hat Linux doesn't write any thing to /var/log/*

Using redhat 64 bit ver 6.2 I have simple c++ app that is trying to write to syslog like this: /* try to write massage into linux log */ void foo::writeToSyslog() { openlog("testlogfoo", 0, 24); // Send the message. ... (1 Reply)
Discussion started by: umen
1 Replies

9. UNIX for Beginners Questions & Answers

Red Hat: Error connecting using secure shell

Hi All, I am getting below error when I try to connect with ssh. Not sure why the error is on.I am able to connect from a different login from the same server (local: rhe/home/s3>) ssh acces1@91.1.12.102 Connection closed by 91.1.12.102 (local: rhe/home/s3>) ssh redhlinx102 Connection... (7 Replies)
Discussion started by: arunkumar_mca
7 Replies

LEARN ABOUT SUSE

aa_change_hat

AA_CHANGE_HAT(2)						     AppArmor							  AA_CHANGE_HAT(2)

NAME

       aa_change_hat  - change to or from a "hat" within a AppArmor profile

SYNOPSIS

       #include <sys/apparmor.h>

       int aa_change_hat (char *subprofile, unsigned long magic_token);

       Link with -lapparmor when compiling.

DESCRIPTION

       An AppArmor profile applies to an executable program; if a portion of the program needs different access permissions than other portions,
       the program can "change hats" to a different role, also known as a subprofile. To change into a new hat, it calls the aa_change_hat()
       function to do so. It passes in a pointer to the subprofile which it wants to change into, and a 64bit magic_token.  The magic_token is
       used to return out of the subprofile at a later time.

       If a program wants to return out of the current subprofile to the original profile, it calls aa_change_hat() with a pointer to NULL as the
       subprofile, and the original magic_token value. If the magic_token does not match the original magic_token passed into the kernel when the
       program entered the subprofile, the change back to the original profile will not happen, and the current task will be killed.  If the
       magic_token matches the original token, then the process will change back to the original profile.

       If the program wants to change to a subprofile that it can never change back out of, the application should call aa_change_hat() with a
       magic_token of 0.

       As both read(2) and write(2) are mediated, a file must be listed in a subprofile definition if the file is to be accessed while the process
       is in a "hat".

RETURN VALUE

       On success zero is returned. On error, -1 is returned, and errno(3) is set appropriately.

ERRORS

       EINVAL
	   The apparmor kernel module is not loaded or the communication via the /proc/*/attr/current file did not conform to protocol.

       ENOMEM
	   Insufficient kernel memory was available.

       EPERM
	   The calling application is not confined by apparmor.

       ECHILD
	   The application's profile has no hats defined for it.

       EACCES
	   The specified subprofile does not exist in this profile or the process tried to change another process's domain.

EXAMPLE

       The following code examples shows simple, if contrived, uses of aa_change_hat(); a typical use of aa_change_hat() will separate privileged
       portions of a process from unprivileged portions of a process, such as keeping unauthenticated network traffic handling separate from
       authenticated network traffic handling in OpenSSH or executing user-supplied CGI scripts in apache.

       The use of random(3) is simply illustrative. Use of /dev/urandom is recommended.

       First, a simple high-level overview of aa_change_hat() use:

	void foo (void) {
	       unsigned long magic_token;

	       /* get a random magic token value
	       from our huge entropy pool */
	       magic_token = random_function();

	       /* change into the subprofile while
		* we do stuff we don't trust */
	       aa_change_hat("stuff_we_dont_trust", magic_token);

	       /* Go do stuff we don't trust -- this is all
		* done in *this* process space, no separate
		* fork()/exec()'s are done. */
	       interpret_perl_stuff(stuff_from_user);

	       /* now change back to our original profile */
	       aa_change_hat(NULL, magic_token);
	}

       Second, an example to show that files not listed in a subprofile ("hat") aren't accessible after an aa_change_hat() call:

	#include <stdlib.h>
	#include <string.h>
	#include <sys/apparmor.h>
	#include <sys/types.h>
	#include <sys/stat.h>
	#include <fcntl.h>
	#include <stdio.h>
	#include <unistd.h>

	int main(int argc, char *argv[]) {
	       int fd;
	       unsigned long tok;
	       char buf[10];

	       /* random() is a poor choice */
	       tok = random();

	       /* open /etc/passwd outside of any hat */
	       if ((fd=open("/etc/passwd", O_RDONLY)) < 0)
		       perror("Failure opening /etc/passwd");

	       /* confirm for ourselves that we can really read /etc/passwd */
	       memset(&buf, 0, 10);
	       if (read(fd, &buf, 10) == -1) {
		       perror("Failure reading /etc/passwd pre-hat");
		       _exit(1);
	       }
	       buf[9] = '';
	       printf("/etc/passwd: %s
", buf);

	       /* change hat to the "hat" subprofile, which should not have
		* read access to /etc/passwd -- even though we have a valid
		* file descriptor at the time of the aa_change_hat() call. */
	       if (aa_change_hat("hat", tok)) {
		       perror("Failure changing hat -- aborting");
		       _exit(1);
	       }

	       /* confirm that we cannot read /etc/passwd */
	       lseek(fd,0,SEEK_SET);
	       memset(&buf, 0, 10);
	       if (read(fd, &buf, 10) == -1)
		       perror("Failure reading /etc/passwd post-hat");
	       buf[9] = '';
	       printf("/etc/passwd: %s
", buf);

	       return 0;
	}

       This code example requires the following profile to be loaded with apparmor_parser(8):

	/tmp/ch {
	  /etc/ld.so.cache		 mr,
	  /etc/locale/**		 r,
	  /etc/localtime		 r,
	  /usr/share/locale/**		 r,
	  /usr/share/zoneinfo/**	 r,
	  /usr/lib/locale/**		 mr,
	  /usr/lib/gconv/*.so		 mr,
	  /usr/lib/gconv/gconv-modules*  mr,

	  /lib/ld-*.so* 	mrix,
	  /lib/libc*.so*	mr,
	  /lib/libapparmor*.so* mr,
	  /dev/pts/*		rw,
	  /tmp/ch		mr,

	  /etc/passwd		r,

	  ^hat {
	    /dev/pts/*	   rw,
	  }
	}

       The output when run:

	$ /tmp/ch
	/etc/passwd: root:x:0:
	Failure reading /etc/passwd post-hat: Permission denied
	/etc/passwd:
	$

BUGS

       None known. If you find any, please report them to bugzilla at <http://bugzilla.novell.com>. Note that aa_change_hat(2) provides no memory
       barriers between different areas of a program; if address space separation is required, then separate processes should be used.

SEE ALSO

       apparmor(7), apparmor.d(5), apparmor_parser(8), and <http://forge.novell.com/modules/xfmod/project/?apparmor>.

NOVELL
/SUSE							    2007-07-27							  AA_CHANGE_HAT(2)
All times are GMT -4. The time now is 03:58 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy