RBAC Assistance

From: Fiengo, Paul (Contractor) (FiengoP@ritchie.disa.mil)
Date: Fri Sep 05 2003 - 10:21:13 EDT


Gurus:

I am attempting to set up RBAC via the command line and am having some
difficulties. I first created a role using the roleadd command. I had it
create a home directory, assigned it to a group, gave it the /bin/ksh for
its use and finally assigned it the profiles of Audit Control and Audit
Review. I subsequently created a user using the useradd command. I created
a home directory, assigned it to the same group as the role, gave it the
same shell as the role, and assigned it the role using the -R option. I
believe so far so good.

I am attempting to get the user to start auditing, recycle the log and parse
out the data using various commands via a script. The script is using
!/bin/pfksh as its shell. I have compared the commands I am utilizing in
the script to what is found in /etc/exec_attr and they are included. When I
attempt to run the script, I get the following output:

Fri Sep 5 15:09:45 GMT 2003 restartco... System auditing is not on.
Attempting to start auditing.
starting audit daemon
/etc/init.d/audit: /etc/security/audit_startup: cannot execute
auditd: Not super-user.
Fri Sep 5 15:09:45 GMT 2003 restartco... Unable to start auditing. Please
check system immediately.

The first and last entry are my own, created by my script. However, the
others are the output of the attempt to start auditing. /etc/init.d/audit
is included in the /etc/security/exec_attr file. The
/etc/security/audit_startup file calls /usr/sbin/auditconfig (included) and
as seen /usr/sbin/auditd (included). Does anyone have any idea why this is
failing? As you can see, it is complaining that I am not the super-user,
however, RBAC is supposed to increase my euid and egid when executing these
commands based on the entries in /etc/security/exec_attr. Any assistance at
all would be greatly appreciated. I will summarize.

Paul Fiengo
DISA FSO / CACI
COM: 717.267.9361
DSN: 570.9361
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
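
Added example, not part of the original post and not Solaris code: a shell check that automates the comparison described in the message, looking up each command a script runs against the exec_attr entries of the role's profiles and printing the attributes each one is granted. The sample entries are constructed, the function names sample_exec_attr and check_cmds are hypothetical, and wildcard ids are not expanded.

```shell
#!/bin/sh
# Constructed sample in exec_attr(4) layout: name:policy:type:res1:res2:id:attr
# (illustrative entries, not copied from a real system)
sample_exec_attr() {
cat <<'EOF'
# constructed sample entries
Audit Control:suser:cmd:::/etc/init.d/audit:euid=0;egid=3
Audit Control:suser:cmd:::/usr/sbin/auditconfig:euid=0
Audit Control:suser:cmd:::/usr/sbin/auditd:uid=0
Audit Review:suser:cmd:::/usr/sbin/praudit:euid=0
Printer Management:suser:cmd:::/usr/sbin/lpadmin:egid=14
EOF
}

# check_cmds PROFILES CMD...   (exec_attr text is read from stdin)
# PROFILES is a comma-separated list of profile names held by the role.
# Prints one line per command:  <command>|<profile or ->|<attrs or NOT-LISTED>
# Simplification: when several entries match, the first one in the file wins.
check_cmds() {
    profs=$1; shift
    awk -F: -v profs="$profs" -v cmds="$*" '
        BEGIN {
            n = split(profs, p, ",")
            for (i = 1; i <= n; i++) want[p[i]] = 1
            m = split(cmds, c, " ")
        }
        /^#/ || NF < 7 { next }            # skip comments and short lines
        $3 == "cmd" && ($1 in want) && !($6 in attr) {
            attr[$6] = $7                   # e.g. euid=0;egid=3 or uid=0
            prof[$6] = $1
        }
        END {
            for (i = 1; i <= m; i++) {
                if (c[i] in attr)
                    printf "%s|%s|%s\n", c[i], prof[c[i]], attr[c[i]]
                else
                    printf "%s|-|NOT-LISTED\n", c[i]
            }
        }'
}

# Commands taken from the message, checked against the two profiles it names.
sample_exec_attr | check_cmds "Audit Control,Audit Review" \
    /etc/init.d/audit /etc/security/audit_startup \
    /usr/sbin/auditconfig /usr/sbin/auditd
```

On a real system, feed the function the contents of /etc/security/exec_attr instead of the sample; the third column shows whether an entry sets the effective ids (euid, egid) or the real ids (uid, gid).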