FreeBSD trusted execution system: beta testers wanted
vaida bogdan
vaida.bogdan at gmail.com
Fri Mar 18 03:47:00 PST 2005
VMWare port gives error when mac.chkexec is enabled but not enforced:
# sysctl security.mac.chkexec
security.mac.chkexec.enable: 1
security.mac.chkexec.enforce: 0
...
# cd /usr/ports/emulators/vmware3 && make
===> Extracting for vmware3-3.2.1.2242_10,1
=> Checksum OK for VMware-workstation-3.2.1-2242.tar.gz.
=> Checksum OK for vmmon-only-3.2.1-20040727.tar.gz.
=> Checksum OK for vmnet-only-3.2.1-20040705.tar.gz.
vmware-distrib/INSTALL: Can't update time for vmware-distrib/INSTALL:
Input/output error
vmware-distrib/vmware-install.pl: Can't update time for
vmware-distrib/vmware-install.pl: Input/output error
*** Error code 1
Stop in /usr/ports/emulators/vmware3.
*** Error code 1
Stop in /usr/ports/emulators/vmware3.
# sysctl security.mac.chkexec.enable=0
cd /usr/ports/emulators/vmware3 && make
WMWare compiles fine.
On Wed, 16 Mar 2005 08:54:13 +0200, Oleg Palij <o.palij at dp.uz.gov.ua> wrote:
> Hi!
>
> Thanks for developing such interesting feature :) !
>
> But I have some problems, which I cant understand.
>
> # sysctl security.mac.chkexec.enforce=0
> security.mac.chkexec.enforce: 1 -> 0
>
> # setfhash /usr/local/sbin/logrotate
> # getfhash /usr/local/sbin/logrotate
> /usr/local/sbin/logrotate: sha1 78513a038cd9416f2be710b6732369b96874b364
>
> # sysctl security.mac.chkexec.enforce=1
> security.mac.chkexec.enforce: 0 -> 1
>
> # /usr/local/sbin/logrotate
> bash: /usr/local/sbin/logrotate: Operation not permitted
>
> # getfhash /usr/local/sbin/logrotate
> /usr/local/sbin/logrotate: sha1 78513a038cd9416f2be710b6732369b96874b364
>
> How can I see what exactly goes wrong ???
>
> Oleg.
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
>
More information about the freebsd-security
mailing list