[rsbac] acl questions

=?gb2312?q?=FFffffd2=FFffffe0=20=FFffffc1=FFffffd6?= wealet at yahoo.com.cn
Sun Feb 29 11:10:47 CET 2004 

I installed ACL module but didn't choose the following items:
    ACL network device protection
    ACL network object protection
But when the system starts up,it logs messages as follow:
    portmap[3018]: cannot create udp socket: Operation not permitted
    kernel: eth0: VIA VT6102 Rhine-II at 0xe800, 00:e0:4c:85:17:3c, IRQ 11.
    kernel: eth0: MII PHY found at address 1, status 0x786d advertising 05e1 Link 45e1.
    ifup: via-rhine device eth0 does not seem to be present, delaying initialization.
    network: Bringing up interface eth0:  failed
    kernel: rsbac_acl_check_right(): rsbac_acl_get_single_right() returned error RSBAC_EINVALIDTARGET!
    kernel: rsbac_adf_request(): request CREATE, pid 2909, ppid 2896, prog_name iptables, uid 0, target_type NETOBJ, tid cef15ba0 INET RAW proto RAW local 0.0.0.0:255 remote 0.0.0.0:0, attr , value 0, result NOT_GRANTED by ACL
 
If i try to modify ACL rights(as secoff),for exmaple,step into the RSBAC_MENU-> ACL Management->NETTEMP or NETTEMP_NT,erros are incurred.
    kernel: rsbac_acl_sys_get_tlist(): rsbac_acl_get_tlist() returned error RSBAC_EINVALIDTARGET!
    kernel: rsbac_acl_check_right(): rsbac_acl_get_single_right() returned error RSBAC_EINVALIDTARGET!
    kernel: rsbac_adf_request(): request READ, pid 3575, ppid 3536, prog_name net_temp, uid 400, target_type NETTEMP, tid 0, attr , value 0, result NOT_GRANTED by ACL
 
If ACL module is switched off at first,i can step into NETTEMP menu and can choose net templates such as local_network,Auto-IPv4.But when i attempt to add an acl entry,the error is incurred again:
     error:RSBAC_EINVALIDTARGET
And there're log items in the /var/log/messages.
    kernel: rsbac_acl_sys_get_tlist(): rsbac_acl_get_tlist() returned error RSBAC_EINVALIDTARGET!
    kernel: rsbac_acl_sys_get_mask(): rsbac_acl_get_mask() returned error RSBAC_EINVALIDTARGET!
    kernel: rsbac_acl_sys_get_tlist(): rsbac_acl_get_tlist() returned error RSBAC_EINVALIDTARGET!
    kernel: rsbac_acl_sys_add_to_acl_entry(): rsbac_acl_add_to_acl_entry() returned error RSBAC_EINVALIDTARGET!
    kernel: rsbac_acl_sys_get_mask(): rsbac_acl_get_mask() returned error RSBAC_EINVALIDTARGET!
    kernel: rsbac_acl_sys_get_tlist(): rsbac_acl_get_tlist() returned error RSBAC_EINVALIDTARGET!
 
 
    Why does ACL restrict access to network,including secoff,though i didn't choose to?




---------------------------------
Do You Yahoo!?
ÍêÈ«Ãâ·ÑµÄÑÅ»¢µçÓÊ£¬ÂíÉÏ×¢²á»ñÔù¶îÍâ60Õ×ÍøÂç´æ´¢¿Õ¼ä

More information about the rsbac mailing list