Debian+LIDS installation,SOS
INIT
open: No such file or directory
lidsadm: cannot open /sys/kernel/security/lids/locks
reason:: No such file or directory
Whats happening?
13 Replies
these articles
@decbin:
I've patched the kernel source,compiled and installed it.
Are you sure that you're running it? You selected pvgrub in the linode manager and confirmed that you're running your custom-compiled kernel? Merely installing the kernel is insufficient.
@Guspaz:
@decbin:I've patched the kernel source,compiled and installed it.
Are you sure that you're running it? You selected pvgrub in the linode manager and confirmed that you're running your custom-compiled kernel? Merely installing the kernel is insufficient.
Yes,also used "uname -a" to confirm.
I like Debian,but it seems that LIDS don't,LOL.
dmesg | grep -i lids
You sure you have compiled it statically and not as a module (or
have it specified in /etc/modules)?
@rsk:
zgrep -i lids /proc/config.gz
dmesg | grep -i lids
You sure you have compiled it statically and not as a module (or
have it specified in /etc/modules)?
zgrep -i lids /proc/config.gz
CONFIG_LIDS=y
CONFIGLIDSNOFLOODLOG=y
CONFIGLIDSALLOW_SWITCH=y
CONFIGLIDSALLOW_LFS=y
CONFIGLIDSRESTRICTMODESWITCH=y
CONFIGLIDSMODESWITCHCONSOLE=y
CONFIGLIDSMODESWITCHSERIAL=y
CONFIGLIDSMODESWITCHPTY=y
CONFIGLIDSNF_MARK=y
CONFIGLIDSTPE=y
CONFIGLIDSTDE=y
CONFIGCAPLIDSSANDBOXEFF_SET=y
CONFIGLIDSSHRINK_SIZE=y
CONFIGLIDSDEBUG=y
dmesg | grep -i lids
LIDS: Initializing…
Failure registering LIDS with the kernel
@decbin:
dmesg | grep -i lids
LIDS: Initializing…
Failure registering LIDS with the kernel
This sure sounds bad… you sure the patch is meant for thie kernel version, that you have all the prereqs if any (does LIDS depend on grsec? Sorry, I don't use any of these hardening stuffs…)…
Got the basic security framework and securityfs enabled? Do you have any install docs there, and did you read them? (can't find a thing on their website… >.<)
@rsk:
@decbin:dmesg | grep -i lids
LIDS: Initializing…
Failure registering LIDS with the kernel
This sure sounds bad… you sure the patch is meant for thie kernel version, that you have all the prereqs if any (does LIDS depend on grsec? Sorry, I don't use any of these hardening stuffs…)…Got the basic security framework and securityfs enabled? Do you have any install docs there, and did you read them? (can't find a thing on their website… >.<)
Yes.I googled but found no solution.
dmesg | grep -A15 'LIDS:.*Initializing'
There may be lines without LIDS prefix between the initialize and the failure message….
:/usr/src/linux# dmesg | grep -A15 'LIDS:.*Initializing'
LIDS: Initializing…
Failure registering LIDS with the kernel
Mount-cache hash table entries: 512
CPU: L1 I cache: 32K, L1 D cache: 32K
CPU: L2 cache: 256K
CPU: L3 cache: 8192K
CPU: Unsupported number of siblings 16
Performance Events: unsupported p6 CPU model 26 no PMU driver, software events only.
Freeing SMP alternatives: 25k freed
cpu 0 spinlock event irq 1
installing Xen timer for CPU 1
cpu 1 spinlock event irq 7
Initializing CPU#1
CPU: L1 I cache: 32K, L1 D cache: 32K
CPU: L2 cache: 256K
CPU: L3 cache: 8192K