From owner-freebsd-questions@FreeBSD.ORG Fri Oct 25 15:23:35 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id D7B3670D for ; Fri, 25 Oct 2013 15:23:35 +0000 (UTC) (envelope-from david.i.noel@gmail.com) Received: from mail-wg0-x232.google.com (mail-wg0-x232.google.com [IPv6:2a00:1450:400c:c00::232]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 771152D65 for ; Fri, 25 Oct 2013 15:23:35 +0000 (UTC) Received: by mail-wg0-f50.google.com with SMTP id n12so3990679wgh.17 for ; Fri, 25 Oct 2013 08:23:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:reply-to:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=dKcsaXlRkN5GCaJ8/iOuvOg7W/PTDFGJfwSsEOX9ZJU=; b=aDhgsKHDV7RyYvu9kzpLLaPPh4UI4RL77CcKjseBs1KnfX+YCG3jylivwzZEQKytu/ +kCorlb6HtPPkofI3mjOc4dHhn9DtIE8kzkVl8xesvO032Tsixwr5p/sh3K5iGT7ovJA 7kA2wI91ITZJsSYbXZBNsaIqbthXAAqzzO9Yjow90xOoiBCWvUI4SiGCw1FzA6ijYt2M m0sbGMR0QCDc/pR5htzCr+VrbYUc0wfQG1+7Rhno6JRenBSwHshbB/c5dHFQV4MnOfXj xnHfAuPE2u9RKUsZz2EM75ZwPhx5CYIfROWXLAADeAaC1zgfz6LaSINKKf1ZBuPAzat8 MPsQ== MIME-Version: 1.0 X-Received: by 10.180.219.8 with SMTP id pk8mr2986279wic.58.1382714613763; Fri, 25 Oct 2013 08:23:33 -0700 (PDT) Received: by 10.216.166.68 with HTTP; Fri, 25 Oct 2013 08:23:33 -0700 (PDT) In-Reply-To: <1382692375.92947.9.camel@mailsb> References: <1382692375.92947.9.camel@mailsb> Date: Fri, 25 Oct 2013 10:23:33 -0500 Message-ID: Subject: Re: MAC issue on FBSD 9.1-RELEASE From: David Noel To: ASV Content-Type: text/plain; charset=ISO-8859-1 Cc: freebsd-questions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: David.I.Noel@gmail.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Oct 2013 15:23:35 -0000 > I'm wondering if something have been changed regarding MAC on FreeBSD > 9.1-RELEASE. Since I've executed freebsd-update basically updating from > the first release to the p7, I cannot longer login with my restricted > accounts. > I always get: > >> _secure_path: cannot stat /home/macuser/.login_conf: Permission denied >> login: LOGIN macuser REFUSED (HOMEDIR) ON TTY ttyv1 > > and on the login screen (user tty) I get: > >> login: Could not determine audit condition > > no matter if the file is there or not, neither which DAC/MAC permissions > are there, no matter if I disable the ":requirehome:" and the > ":ttys.allow:" directives on login.conf. Not even relabling the entire > FS helped. > > I've spent several hours now to figure out but at this point seems to me > that the update screwed everything up somehow. > Does anyone have any idea of what's going on? Any input would be REALLY > appreciated. I've had my fair share of troubles with FreeBSD's MAC and unfortunately wound up just disabling it entirely. While I don't have a solution to your specific problem I would suggest cc'ing trustedbsd-discuss@freebsd.org. You *may* find someone there who could help, though the last time I tried to hail anyone on it it was all but dead.