[Systrace] telnet policy generation
Kim Onnel
karim.adel at gmail.com
Mon Feb 28 03:57:11 EST 2005
Hello,
I am trying to generate a policy rule for telnet, i did the following
and got some error, kindly find below a log of it all.
-bash-3.00# systrace -A /usr/bin/telnet
telnet> open
(to) 172.31.1.1
Trying 172.31.1.1...
Connected to 172.31.1.1.
Escape character is '^]'.
User Access Verification
Username: test
Password:
RPMI>q
Connection closed by foreign host.
-bash-3.00# ls /root/.systrace/
tmp usr_bin_telnet
-bash-3.00# cp /root/.systrace/ /etc/systrace/
-bash-3.00# cp /root/.systrace/usr_bin_telnet /etc/systrace/
-bash-3.00# ls -alh /etc/systrace/usr_bin_telnet
-rw------- 1 root wheel 1.8K Feb 28 10:41 /etc/systrace/usr_bin_telnet
-bash-3.00# chown root.bin /etc/systrace/usr_bin_telnet
-bash-3.00# chmod +x /etc/systrace/usr_bin_telnet
-bash-3.00# ls -alh /etc/systrace/usr_bin_telnet
-rwxrwxrwx 1 root bin 1.8K Feb 28 10:41 /etc/systrace/usr_bin_telnet
and when i try to test :
$ telnet 172.31.1.1
telnet: krb5_cc_get_principal: 1
$
on the console:
-bash-3.00# Feb 28 10:49:03 bastion2 systrace: deny user: test, prog:
/usr/bin/telnet, pid: 5245(2)[11212], policy: /usr/bin/telnet,
filters: 42, syscall: native-fsread(5), filename: /tmp/krb5cc_1001
Any ideas ?
Regards
More information about the systrace
mailing list