From owner-freebsd-security@FreeBSD.ORG Fri Mar 18 11:47:00 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 18FBA16A4CE for ; Fri, 18 Mar 2005 11:47:00 +0000 (GMT) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.204]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4D09B43D53 for ; Fri, 18 Mar 2005 11:46:59 +0000 (GMT) (envelope-from vaida.bogdan@gmail.com) Received: by rproxy.gmail.com with SMTP id j1so104663rnf for ; Fri, 18 Mar 2005 03:46:58 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=bC0at5OnsFTjCI2ia9MB+wMUenUsW92fXPD0P3eY0YEV9s8ke80eORcxd2iod4cDugpuwtX6gYJEfMZJGNaQ5qlaxujMI0hwYIhVwgHSTLrJaVfFKFqcC1Xb3PUnK17fCWyCVcoFKVj8BfxRM+1VR1Rh1R0OE314Vum7af+S1ZE= Received: by 10.38.208.17 with SMTP id f17mr617256rng; Fri, 18 Mar 2005 03:46:58 -0800 (PST) Received: by 10.38.208.63 with HTTP; Fri, 18 Mar 2005 03:46:58 -0800 (PST) Message-ID: <12848a3b05031803466f7cd25c@mail.gmail.com> Date: Fri, 18 Mar 2005 13:46:58 +0200 From: vaida bogdan To: Oleg Palij In-Reply-To: <20050316085413.2cb4ec3c@iscmpd-oleg.dp.uz.gov.ua> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit References: <20050316085413.2cb4ec3c@iscmpd-oleg.dp.uz.gov.ua> cc: freebsd-security@freebsd.org cc: csjp@freebsd.org Subject: Re: FreeBSD trusted execution system: beta testers wanted X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: vaida bogdan List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Mar 2005 11:47:00 -0000 VMWare port gives error when mac.chkexec is enabled but not enforced: # sysctl security.mac.chkexec security.mac.chkexec.enable: 1 security.mac.chkexec.enforce: 0 ... # cd /usr/ports/emulators/vmware3 && make ===> Extracting for vmware3-3.2.1.2242_10,1 => Checksum OK for VMware-workstation-3.2.1-2242.tar.gz. => Checksum OK for vmmon-only-3.2.1-20040727.tar.gz. => Checksum OK for vmnet-only-3.2.1-20040705.tar.gz. vmware-distrib/INSTALL: Can't update time for vmware-distrib/INSTALL: Input/output error vmware-distrib/vmware-install.pl: Can't update time for vmware-distrib/vmware-install.pl: Input/output error *** Error code 1 Stop in /usr/ports/emulators/vmware3. *** Error code 1 Stop in /usr/ports/emulators/vmware3. # sysctl security.mac.chkexec.enable=0 cd /usr/ports/emulators/vmware3 && make WMWare compiles fine. On Wed, 16 Mar 2005 08:54:13 +0200, Oleg Palij wrote: > Hi! > > Thanks for developing such interesting feature :) ! > > But I have some problems, which I cant understand. > > # sysctl security.mac.chkexec.enforce=0 > security.mac.chkexec.enforce: 1 -> 0 > > # setfhash /usr/local/sbin/logrotate > # getfhash /usr/local/sbin/logrotate > /usr/local/sbin/logrotate: sha1 78513a038cd9416f2be710b6732369b96874b364 > > # sysctl security.mac.chkexec.enforce=1 > security.mac.chkexec.enforce: 0 -> 1 > > # /usr/local/sbin/logrotate > bash: /usr/local/sbin/logrotate: Operation not permitted > > # getfhash /usr/local/sbin/logrotate > /usr/local/sbin/logrotate: sha1 78513a038cd9416f2be710b6732369b96874b364 > > How can I see what exactly goes wrong ??? > > Oleg. > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" >