Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sat, 15 May 2021 17:35:58 +0200
From: bryn1u <m.bryn1u@...il.com>
To: lkrg-users@...ts.openwall.com
Subject: After make install im not able to run lkrg via systemd because of SElinux.

Hey guys,

Have you changed something in lkrg ? I cant runt lkrg on Fresh Centos 8
Stream.

[root@...ton lkrg]# make install
make -C /lib/modules/5.12.1/build M=/root/lkrg modules_install
make[1]: Entering directory '/usr/src/kernels/5.12.1'
  INSTALL /root/lkrg/p_lkrg.ko
  DEPMOD  5.12.1
make[1]: Leaving directory '/usr/src/kernels/5.12.1'
depmod -a
/root/lkrg/scripts/bootup/lkrg-bootup.sh install
 [*] Executing LKRG's bootup installation script
  [+] Systemd detected
       Installing lkrg.service file under /etc/systemd/system directory
       To start lkrg.service please use: systemctl start lkrg
       To enable lkrg.service on bootup please use: systemctl enable
lkrg.service
       Installing lkrg.conf file under /etc/sysctl.d directory
  [+] Done!
[root@...ton lkrg]# systemctl start lkrg
Failed to start lkrg.service: Unit lkrg.service not found.
[root@...ton lkrg]# systemctl enable lkrg
Failed to enable unit: Unit file lkrg.service does not exist.
[root@...ton lkrg]#

*The funny thing is that lkrg.service exist in right place.*

[root@...ton lkrg]#
*[root@...ton lkrg]# setenforce 0*
[root@...ton lkrg]# systemctl start lkrg
[root@...ton lkrg]# systemctl status lkrg
● lkrg.service - Linux Kernel Runtime Guard
   Loaded: loaded (/etc/systemd/system/lkrg.service; disabled; vendor
preset: disabled)
   Active: active (exited) since Sat 2021-05-15 17:30:59 CEST; 48s ago
  Process: 2973 ExecStartPost=/sbin/sysctl -p /etc/sysctl.d/lkrg.conf
(code=exited, status=0/SUCCESS)
  Process: 2969 ExecStart=/sbin/modprobe -v p_lkrg (code=exited,
status=0/SUCCESS)
 Main PID: 2969 (code=exited, status=0/SUCCESS)

May 15 17:30:58 proton.edu.pl systemd[1]: Starting Linux Kernel Runtime
Guard...
May 15 17:30:59 proton.edu.pl modprobe[2969]: insmod
/lib/modules/5.12.1/extra/p_lkrg.ko
May 15 17:30:59 proton.edu.pl systemd[1]: Started Linux Kernel Runtime
Guard.

As you can see, when selinux is disabled i can start lkrg service.

*Log from audit.log*

[root@...ton lkrg]# grep -i lkrg /var/log/audit/audit.log
type=AVC msg=audit(1621092405.902:108): avc:  denied  { read } for  pid=1
comm="systemd" name="lkrg.service" dev="dm-0" ino=633837
scontext=system_u:system_r:init_t:s0
tcontext=system_u:object_r:default_t:s0 tclass=file permissive=0
type=AVC msg=audit(1621092409.875:109): avc:  denied  { read } for  pid=1
comm="systemd" name="lkrg.service" dev="dm-0" ino=633837
scontext=system_u:system_r:init_t:s0
tcontext=system_u:object_r:default_t:s0 tclass=file permissive=0
type=AVC msg=audit(1621092658.498:124): avc:  denied  { read } for  pid=1
comm="systemd" name="lkrg.service" dev="dm-0" ino=633837
scontext=system_u:system_r:init_t:s0
tcontext=system_u:object_r:default_t:s0 tclass=file permissive=1
type=AVC msg=audit(1621092658.498:125): avc:  denied  { open } for  pid=1
comm="systemd" path="/etc/systemd/system/lkrg.service" dev="dm-0"
ino=633837 scontext=system_u:system_r:init_t:s0
tcontext=system_u:object_r:default_t:s0 tclass=file permissive=1
type=SERVICE_START msg=audit(1621092659.144:126): pid=1 uid=0
auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0
msg='unit=lkrg comm="systemd" exe="/usr/lib/systemd/systemd" hostname=?
addr=? terminal=? res=success'UID="root" AUID="unset"
type=SERVICE_STOP msg=audit(1621092726.815:129): pid=1 uid=0
auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0
msg='unit=lkrg comm="systemd" exe="/usr/lib/systemd/systemd" hostname=?
addr=? terminal=? res=success'UID="root" AUID="unset"
type=AVC msg=audit(1621092726.816:130): avc:  denied  { read } for  pid=1
comm="systemd" name="lkrg.service" dev="dm-0" ino=633837
scontext=system_u:system_r:init_t:s0
tcontext=system_u:object_r:default_t:s0 tclass=file permissive=0
type=AVC msg=audit(1621092726.817:131): avc:  denied  { read } for  pid=1
comm="systemd" name="lkrg.service" dev="dm-0" ino=633837
scontext=system_u:system_r:init_t:s0
tcontext=system_u:object_r:default_t:s0 tclass=file permissive=0
type=AVC msg=audit(1621092735.011:132): avc:  denied  { read } for  pid=1
comm="systemd" name="lkrg.service" dev="dm-0" ino=633837
scontext=system_u:system_r:init_t:s0
tcontext=system_u:object_r:default_t:s0 tclass=file permissive=0

Someone has any idea where the problem cloud be and why SElinux blocks LKRG
?

Thank you  !
Greetings,

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.