grsecurity post-kernel configs

tarballedtux · 09-25-2002, 05:42 PM

OK, I compiled lq3 nicely with alot of grsec stuff. Now in /proc/sys/kernel/grsecurity/ I have stuff like tpe,and audit* files. During the kernel config I selected the default GIDs is there a way to change it? Without recompiling.

About the other options, like altered pings and rand_pids. How can I tell if there working?

--tarballedtux

unSpawn · 09-25-2002, 06:42 PM

Excellent!
If you selected grsec to have sysctl support, yes:
either by echoing like: "echo (var) > /proc/sys/kernel/grsecurity/grsec_lock" or use a config file:
sysctl -e -p /location/sysctl.grsec.conf
If you try to vary /proc settings it comes in handy to have separate sysctl.conf's. Note if you tried the first example and echoed a "1" it would freeze grsec settings untill reboot.
Note 2 if you want to try the ACL system you need gradm from grsecurity.net.

tarballedtux · 09-25-2002, 07:04 PM

Hmm, what exactly do you mean. I know all I have to do is echo a non-zero value into the grsec-sysctl file. But did you mean that for the audit_* files I could echo in a GUID to activate it and specify the GUID I want to audit?

-tarballedtux

unSpawn · 09-25-2002, 07:30 PM

Yes, you can echo the GID into audit_gid (as for any ^*_gid), the other ^audit_* entries only hold binary values.