Hi,
I'm trying to use mac_bsdextended on a server in order to limit access on the filesystem for a certain user.
I've enabled
to get some logging, but then we get messages like this:
Now .. how is this useful? Can this be 'translated' to something that actualy points to something understandable? I get the uid:gid field, but the request, I have no idea. Also, the whole documentation of the mac modules is very limited. That's really a pitty, because I feel these modules can be very powerfull in securing a FreeBSD server.
Could anyone shed some light on this? Or perhaps some pointers to docs, preferably with examples?
I'm trying to use mac_bsdextended on a server in order to limit access on the filesystem for a certain user.
I've enabled
Code:
security.mac.bsdextended.logging=1
Code:
Nov 5 16:35:48 servername kernel: mac_bsdextended: 80:80 request 64 on 0:0 failed.
Nov 5 16:37:44 servername kernel: mac_bsdextended: 80:80 request 8192 on 0:0 failed.
Nov 5 16:37:44 servername kernel: mac_bsdextended: 80:80 request 64 on 0:0 failed.
Nov 5 16:40:59 servername kernel: mac_bsdextended: 80:80 request 8192 on 0:0 failed.
Nov 5 16:40:59 servername kernel: mac_bsdextended: 80:80 request 64 on 0:0 failed.
Nov 5 16:40:59 servername kernel: mac_bsdextended: 80:80 request 64 on 0:0 failed.
Nov 5 16:41:01 servername kernel: mac_bsdextended: 80:80 request 8192 on 0:0 failed.
Nov 5 16:48:54 servername kernel: mac_bsdextended: 80:80 request 64 on 0:0 failed.
Nov 5 16:49:04 servername kernel: mac_bsdextended: 80:80 request 8192 on 0:0 failed.
Nov 5 16:49:13 servername kernel: mac_bsdextended: 80:80 request 8192 on 0:0 failed.
Nov 5 16:49:13 servername kernel: mac_bsdextended: 80:80 request 64 on 0:0 failed.
Nov 5 16:49:13 servername kernel: mac_bsdextended: 80:80 request 64 on 0:0 failed.
Nov 5 16:49:13 servername kernel: mac_bsdextended: 80:80 request 8192 on 0:0 failed.
Nov 5 16:49:28 servername kernel: mac_bsdextended: 80:80 request 64 on 0:0 failed.
Nov 5 16:49:28 servername kernel: mac_bsdextended: 80:80 request 64 on 0:0 failed.
Nov 5 16:49:32 servername kernel: mac_bsdextended: 80:80 request 8192 on 0:0 failed.
Nov 5 16:50:32 servername kernel: mac_bsdextended: 80:80 request 8192 on 0:0 failed.
Nov 5 16:50:32 servername kernel: mac_bsdextended: 80:80 request 64 on 0:0 failed.
Nov 5 16:50:32 servername kernel: mac_bsdextended: 80:80 request 64 on 0:0 failed.
Nov 5 16:50:50 servername kernel: mac_bsdextended: 80:80 request 8192 on 0:0 failed.
Nov 5 16:50:50 servername kernel: mac_bsdextended: 80:80 request 64 on 0:0 failed.
Nov 5 16:50:50 servername kernel: mac_bsdextended: 80:80 request 64 on 0:0 failed.Now .. how is this useful? Can this be 'translated' to something that actualy points to something understandable? I get the uid:gid field, but the request, I have no idea. Also, the whole documentation of the mac modules is very limited. That's really a pitty, because I feel these modules can be very powerfull in securing a FreeBSD server.
Could anyone shed some light on this? Or perhaps some pointers to docs, preferably with examples?