11-04-2019
I have not worked with RBAC ever, so all is just guessing, but I think that is your issue here. Can you find out if the root user is actually allowed in RBAC to set ACLs? If he is not, add that permission.
I am wondering as well if it would not be easier to just somehow allow splunk via rbac to read these files?
This User Gave Thanks to zxmaus For This Post:
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hi all,
I am using Sun Solaris 9 .In this system normal users unable to create files from the command line.I added these users in bin,adm and even root group i found them unable to create a file. (1 Reply)
Discussion started by: mallesh
1 Replies
2. AIX
Hi,
Am jus trying to find the Total RAM Size of a AIX m/c (in MB)..svmon works perfectly for a superuser...But i want to achive this as a normal user...Please help me out with correct command..
Best Regards,
Muthukumaran.M (3 Replies)
Discussion started by: muthukumaran13
3 Replies
3. UNIX for Dummies Questions & Answers
Hi,
I'm one of a server administrators. I've the linux root account but I don't know the root password of MySQL (Server version: 5.0.32). I want to GRANT ALL PRIVILEGES to my MySQL account without changing the MySQL's root password. How can I do so? (0 Replies)
Discussion started by: mjdousti
0 Replies
4. AIX
When we as normal user try to login, the session startup terminates and we are presented with the login screen.The root user is able to login without any problem.I can log in to the Aix server as normal user through telnet & using xmanager but not directly through server terminal .The Aix version... (1 Reply)
Discussion started by: ranadeep
1 Replies
5. AIX
Hi all,
I am a beginner in AIX. I am facing a problem with remote printing in AIX.
HP laser jet 1320 printer is connected to a printer server (PCI Mini - 100U3), which is configured as remote printer from AIX server.
But I am not able to print from the AIX server by using "lp -d... (0 Replies)
Discussion started by: Rainy
0 Replies
6. UNIX for Dummies Questions & Answers
I created a new user and changed their home directory to /export/home/mydir/ I verified in the passwd file that the home directory is set to the above and that owner of that directory is the new user and yet when I log in as that user I get the following message:
No directory! Logging in with... (14 Replies)
Discussion started by: some_one
14 Replies
7. UNIX for Dummies Questions & Answers
Hi all,
I have to grant sudo permission to a user.
I have searched online and find that /etc/sudoers file needs to be changed with visudo command. As i am new to linux, this is not clear to me. Can anybody take an example and show me how exactly this done.
Thanks in advance! (2 Replies)
Discussion started by: lramsb4u
2 Replies
8. Shell Programming and Scripting
hi,
i am new in unix.......i am using bash and i want to create a user which has only some command and scripts permission.........is it possible?
thanx (1 Reply)
Discussion started by: rakeshtomar82
1 Replies
9. UNIX and Linux Applications
Hi all,
Please help me solving the error that i get when i trigger the job from autosys. The job is failing after going to restart start and it is throwing an "exit code:128". Please help me understand whats this exit code and how to overcome this. And when i check the logs its giving me an... (4 Replies)
Discussion started by: Bharath V
4 Replies
10. AIX
I have searched this quite a long time but couldn't find the right method for me to use. I need to assign read write permission to the user for specific directories and it's sub directories and files. I do not want to use ACL. I do not want to assign user the same group of that directories too.... (0 Replies)
Discussion started by: blinkingdan
0 Replies
LEARN ABOUT DEBIAN
gradm2
GRADM(8) System Manager's Manual GRADM(8)
NAME
gradm - Administration program for the grsecurity RBAC system
SYNOPSIS
gradm [ -E ] [ -R ] [ -C ] [ -F ] [ -L <logfile> ] [ -O <filename|stream> ] [ -M <filename|uid> ] [ -D ] [ -P [rolename] ] [ -a <rolename>
] [ -n <rolename> ] [ -p <rolename> ] [ -u ] [ -V ] [ -h ] [ -v ]
DESCRIPTION
gradm is the userspace RBAC parsing and authentication program for grsecurity
grsecurity aims to be a complete security system for Linux 2.4. gradm performs several tasks for the RBAC system including authenticated
via a password to the kernel and parsing rules to be passed to the kernel.
OPTIONS
All options to gradm are mutually exclusive, except for -L and -O.
-E Enable the RBAC system
-R Reload the RBAC system (only valid while in admin mode)
-C Perform a check of the RBAC policy, running the same analysis against it that is performed when enabling.
-F Toggle full learning mode. If used only with -L, it enables the RBAC system in full learning mode. If used with -L and -O, it
parses the full learning logs and generates a complete ruleset.
-M <filename|uid>
Remove an execution ban on a given uid or filename that has been put in place by the RES_CRASH resource restriction of the RBAC sys-
tem.
-L <logfile>
Parses the learning logs. Accepts an argument which specifies the logfile to scan for the learning logs. If "-" is specified as
the logfile, stdin will be used as the learning log. This option can be used with -E, -O, or -F.
-O <filename|stream>
Specifies output mode. Requires a single argument that can be "stdout", "stderr", or a regular file. Only used with -L or -F.
-D Disable the RBAC system
-P [rolename]
Without an argument, it sets the password for administering the RBAC system. With a role name as an argument, it sets the password
for that given special role.
-a <rolename>
Authenticate to a special role that requires a password.
-n <rolename>
Authenticate to a special role that does not require a password.
-p <rolename>
Authenticate through PAM to a special role.
-u Removes yourself from your current special role, reverting back to the normal role selection. To be used, for instance, for logging
out of an admin role without exiting your shell.
-V Displays verbose policy statistics when enabling the RBAC system or checking the RBAC policy. Can only be used with -C, -E, or -F
-L <filename>
-h Display help information
-v Print version information and exit
REPORTING BUGS
Please include as much information as possible(using any available debugging options) and send bug reports for gradm or the grsecurity RBAC
system to spender@grsecurity.net.
AUTHOR
grsecurity and gradm were created and are maintained by Brad Spengler <spender@grsecurity.net>
GRADM(8)