FS#46763 - [linux-grsec] prevents login via gdm
Attached to Project:
Community Packages
Opened by ITwrx (andriesinfoserv) - Saturday, 17 October 2015, 13:19 GMT
Last edited by Daniel Micay (thestinger) - Saturday, 17 October 2015, 22:09 GMT
Opened by ITwrx (andriesinfoserv) - Saturday, 17 October 2015, 13:19 GMT
Last edited by Daniel Micay (thestinger) - Saturday, 17 October 2015, 22:09 GMT
|
Details
Description: linux-grsec prevents login via gdm.
Additional info: linux-grsec 4.2.3.201510161817-1 gdm 3.18.0-1 log line: grsec: denied kernel module auto-load of fuse by UID 120. (uid 120 is gdm) note: this issue has existed for the last (aprox.) 3 releases of linux-grsec. Or maybe since gdm was last updated? Steps to reproduce: boot arch with gnome and linux-grsec and login won't work. Thanks in advance |
This task depends upon
Closed by Daniel Micay (thestinger)
Saturday, 17 October 2015, 22:09 GMT
Reason for closing: Not a bug
Saturday, 17 October 2015, 22:09 GMT
Reason for closing: Not a bug
it sure does, thanks!
"It prevents unprivileged users from greatly expanding the kernel's attack surface by loading huge amounts of functionality."
i figured that's what was going on but i wasn't sure what to do about it. Is this documented somewhere that i could read up on this specific scenario and/or would you mind pointing me to the location of the index.html for the linux-grsec-docs package
Thanks again.
You can see the MODHARDEN documentation here:
https://en.wikibooks.org/wiki/Grsecurity/Appendix/Grsecurity_and_PaX_Configuration_Options#Harden_module_auto-loading
This wiki page is generated from the configuration option documentation that's shown when configuring a kernel.