pkg_add on 64bits kernel w/ options MAC
Jerry Toung
jrytoung at gmail.com
Tue Aug 19 23:14:42 UTC 2008
On Tue, Aug 19, 2008 at 1:26 PM, Robert Watson <rwatson at freebsd.org> wrote:
>
>
> Sounds like a bug of some sort. Could you send the output of "sysctl
> security.mac"? Also, if you could use ktrace to confirm which system calls
> are returning EACCES/EPERM leading to the warnings, that would also be
> helpful.
>
>
I will file a PR later on. In the mean time here are the outputs you were
looking for:
security.mac.max_slots: 4
security.mac.enforce_network: 1
security.mac.enforce_pipe: 1
security.mac.enforce_posix_sem: 1
security.mac.enforce_suid: 1
security.mac.mmap_revocation_via_cow: 0
security.mac.mmap_revocation: 1
security.mac.enforce_vm: 1
security.mac.enforce_process: 1
security.mac.enforce_socket: 1
security.mac.enforce_system: 1
security.mac.enforce_kld: 1
security.mac.enforce_sysv_msg: 1
security.mac.enforce_sysv_sem: 1
security.mac.enforce_sysv_shm: 1
security.mac.enforce_fs: 1
bsd64-21# kdump -f ktrace.out
1045 ktrace RET ktrace 0
1045 ktrace CALL execve(0x7fffffffe720,0x7fffffffec80,0x7fffffffec98)
1045 ktrace RET execve -1 errno 2 No such file or directory
1045 ktrace CALL execve(0x7fffffffe720,0x7fffffffec80,0x7fffffffec98)
1045 ktrace RET execve -1 errno 2 No such file or directory
1045 ktrace CALL execve(0x7fffffffe720,0x7fffffffec80,0x7fffffffec98)
1045 pkg_add RET execve 0
1045 pkg_add CALL mmap(0,0x1e40,0x3,0x1000,0xffffffff,0,0)
1045 pkg_add RET mmap 5443584/0x800531000
1045 pkg_add CALL munmap(0x800531000,0x1e40)
1045 pkg_add RET munmap 0
1045 pkg_add CALL
__sysctl(0x7fffffffe930,0x2,0x800639180,0x7fffffffe928,0,0)
1045 pkg_add RET __sysctl 0
1045 pkg_add CALL mmap(0,0x8000,0x3,0x1002,0xffffffff,0,0)
1045 pkg_add RET mmap 5443584/0x800531000
1045 pkg_add CALL issetugid
1045 pkg_add RET issetugid 0
1045 pkg_add CALL open(0x80052eff0,0,0x1b6)
1045 pkg_add RET open -1 errno 2 No such file or directory
1045 pkg_add CALL open(0x80052e1a8,0,0)
1045 pkg_add RET open 3
1045 pkg_add CALL read(0x3,0x7fffffffe8d0,0x80)
1045 pkg_add RET read 128/0x80
1045 pkg_add CALL lseek(0x3,0,0x80,0)
1045 pkg_add RET lseek 128/0x80
1045 pkg_add CALL read(0x3,0x800535000,0x3c)
1045 pkg_add RET read 60/0x3c
1045 pkg_add CALL close(0x3)
1045 pkg_add RET close 0
1045 pkg_add CALL access(0x800536000,0)
1045 pkg_add RET access -1 errno 2 No such file or directory
1045 pkg_add CALL access(0x800536000,0)
1045 pkg_add RET access 0
1045 pkg_add CALL open(0x8005320c0,0,0x800639060)
1045 pkg_add RET open 3
1045 pkg_add CALL fstat(0x3,0x7fffffffe8e0)
1045 pkg_add RET fstat 0
1045 pkg_add CALL read(0x3,0x800638040,0x1000)
1045 pkg_add RET read 4096/0x1000
1045 pkg_add CALL mmap(0,0x10e000,0x5,0x20002,0x3,0,0)
1045 pkg_add RET mmap 6541312/0x80063d000
1045 pkg_add CALL mprotect(0x800648000,0x1000,0x7)
1045 pkg_add RET mprotect 0
1045 pkg_add CALL mprotect(0x800648000,0x1000,0x5)
1045 pkg_add RET mprotect 0
1045 pkg_add CALL mmap(0x800749000,0x2000,0x3,0x12,0x3,0,0xc000)
1045 pkg_add RET mmap 7639040/0x800749000
1045 pkg_add CALL close(0x3)
1045 pkg_add RET close 0
1045 pkg_add CALL access(0x800536000,0)
1045 pkg_add RET access 0
1045 pkg_add CALL open(0x800532120,0,0x6c)
1045 pkg_add RET open 3
1045 pkg_add CALL fstat(0x3,0x7fffffffe8e0)
1045 pkg_add RET fstat 0
1045 pkg_add CALL read(0x3,0x800638040,0x1000)
1045 pkg_add RET read 4096/0x1000
1045 pkg_add CALL mmap(0,0x10c000,0x5,0x20002,0x3,0,0)
1045 pkg_add RET mmap 7647232/0x80074b000
1045 pkg_add CALL mprotect(0x800755000,0x1000,0x7)
1045 pkg_add RET mprotect 0
1045 pkg_add CALL mprotect(0x800755000,0x1000,0x5)
1045 pkg_add RET mprotect 0
1045 pkg_add CALL mmap(0x800856000,0x1000,0x3,0x12,0x3,0,0xb000)
1045 pkg_add RET mmap 8740864/0x800856000
1045 pkg_add CALL close(0x3)
1045 pkg_add RET close 0
1045 pkg_add CALL access(0x800536000,0)
1045 pkg_add RET access -1 errno 2 No such file or directory
1045 pkg_add CALL access(0x800536000,0)
1045 pkg_add RET access 0
1045 pkg_add CALL open(0x800532140,0,0x75)
1045 pkg_add RET open 3
1045 pkg_add CALL fstat(0x3,0x7fffffffe8e0)
1045 pkg_add RET fstat 0
1045 pkg_add CALL read(0x3,0x800638040,0x1000)
1045 pkg_add RET read 4096/0x1000
1045 pkg_add CALL mmap(0,0x138000,0x5,0x20002,0x3,0,0)
1045 pkg_add RET mmap 8744960/0x800857000
1045 pkg_add CALL mprotect(0x800886000,0x1000,0x7)
1045 pkg_add RET mprotect 0
1045 pkg_add CALL mprotect(0x800886000,0x1000,0x5)
1045 pkg_add RET mprotect 0
1045 pkg_add CALL mmap(0x800987000,0x8000,0x3,0x12,0x3,0,0x30000)
1045 pkg_add RET mmap 9990144/0x800987000
1045 pkg_add CALL close(0x3)
1045 pkg_add RET close 0
1045 pkg_add CALL access(0x800536000,0)
1045 pkg_add RET access 0
1045 pkg_add CALL open(0x800532180,0,0x6c)
1045 pkg_add RET open 3
1045 pkg_add CALL fstat(0x3,0x7fffffffe8e0)
1045 pkg_add RET fstat 0
1045 pkg_add CALL read(0x3,0x800638040,0x1000)
1045 pkg_add RET read 4096/0x1000
1045 pkg_add CALL mmap(0,0x247000,0x5,0x20002,0x3,0,0)
1045 pkg_add RET mmap 10022912/0x80098f000
1045 pkg_add CALL mprotect(0x800a9b000,0x1000,0x7)
1045 pkg_add RET mprotect 0
1045 pkg_add CALL mprotect(0x800a9b000,0x1000,0x5)
1045 pkg_add RET mprotect 0
1045 pkg_add CALL mmap(0x800b9c000,0x37000,0x3,0x12,0x3,0,0x10d000)
1045 pkg_add RET mmap 12173312/0x800b9c000
1045 pkg_add CALL mmap(0x800bd3000,0x3000,0x3,0x1012,0xffffffff,0,0)
1045 pkg_add RET mmap 12398592/0x800bd3000
1045 pkg_add CALL close(0x3)
1045 pkg_add RET close 0
1045 pkg_add CALL access(0x800536000,0)
1045 pkg_add RET access 0
1045 pkg_add CALL open(0x8005321a0,0,0x2e)
1045 pkg_add RET open 3
1045 pkg_add CALL fstat(0x3,0x7fffffffe8e0)
1045 pkg_add RET fstat 0
1045 pkg_add CALL read(0x3,0x800638040,0x1000)
1045 pkg_add RET read 4096/0x1000
1045 pkg_add CALL mmap(0,0x20f000,0x5,0x20002,0x3,0,0)
1045 pkg_add RET mmap 12410880/0x800bd6000
1045 pkg_add CALL mprotect(0x800cb1000,0x1000,0x7)
1045 pkg_add RET mprotect 0
1045 pkg_add CALL mprotect(0x800cb1000,0x1000,0x5)
1045 pkg_add RET mprotect 0
1045 pkg_add CALL mmap(0x800db1000,0x1b000,0x3,0x12,0x3,0,0xdb000)
1045 pkg_add RET mmap 14356480/0x800db1000
1045 pkg_add CALL mmap(0x800dcc000,0x19000,0x3,0x1012,0xffffffff,0,0)
1045 pkg_add RET mmap 14467072/0x800dcc000
1045 pkg_add CALL close(0x3)
1045 pkg_add RET close 0
1045 pkg_add CALL access(0x800536000,0)
1045 pkg_add RET access -1 errno 2 No such file or directory
1045 pkg_add CALL access(0x800536000,0)
1045 pkg_add RET access 0
1045 pkg_add CALL access(0x800536000,0)
1045 pkg_add RET access 0
1045 pkg_add CALL access(0x800536000,0)
1045 pkg_add RET access 0
1045 pkg_add CALL sysarch(0x81,0x7fffffffe9a0)
1045 pkg_add RET sysarch 0
1045 pkg_add CALL mmap(0,0x890,0x3,0x1000,0xffffffff,0,0)
1045 pkg_add RET mmap 5476352/0x800539000
1045 pkg_add CALL munmap(0x800539000,0x890)
1045 pkg_add RET munmap 0
1045 pkg_add CALL mmap(0,0xae0,0x3,0x1000,0xffffffff,0,0)
1045 pkg_add RET mmap 5476352/0x800539000
1045 pkg_add CALL munmap(0x800539000,0xae0)
1045 pkg_add RET munmap 0
1045 pkg_add CALL mmap(0,0x650,0x3,0x1000,0xffffffff,0x800000000,0)
1045 pkg_add RET mmap 5476352/0x800539000
1045 pkg_add CALL munmap(0x800539000,0x650)
1045 pkg_add RET munmap 0
1045 pkg_add CALL mmap(0,0x22e0,0x3,0x1000,0xffffffff,0x800000000,0)
1045 pkg_add RET mmap 5476352/0x800539000
1045 pkg_add CALL munmap(0x800539000,0x22e0)
1045 pkg_add RET munmap 0
1045 pkg_add CALL mmap(0,0xad70,0x3,0x1000,0xffffffff,0x800000000,0)
1045 pkg_add RET mmap 5476352/0x800539000
1045 pkg_add CALL munmap(0x800539000,0xad70)
1045 pkg_add RET munmap 0
1045 pkg_add CALL mmap(0,0xb180,0x3,0x1000,0xffffffff,0x800000000,0)
1045 pkg_add RET mmap 5476352/0x800539000
1045 pkg_add CALL munmap(0x800539000,0xb180)
1045 pkg_add RET munmap 0
1045 pkg_add CALL sigprocmask(0x1,0x800637f40,0x7fffffffe960)
1045 pkg_add RET sigprocmask 0
1045 pkg_add CALL sigprocmask(0x3,0x800637f50,0)
1045 pkg_add RET sigprocmask 0
1045 pkg_add CALL open(0x40b965,0,0x1b6)
1045 pkg_add RET open -1 errno 2 No such file or directory
1045 pkg_add CALL lstat(0x7fffffffee40,0x7fffffffe250)
1045 pkg_add RET lstat 0
1045 pkg_add CALL __getcwd(0x510f00,0x400)
1045 pkg_add RET __getcwd 0
1045 pkg_add CALL lstat(0x510f00,0x7fffffffe220)
1045 pkg_add RET lstat 0
1045 pkg_add CALL umask(0x12)
1045 pkg_add RET umask 18/0x12
1045 pkg_add CALL sigaction(0x2,0x7fffffffe280,0x7fffffffe260)
1045 pkg_add RET sigaction 0
1045 pkg_add CALL sigaction(0x1,0x7fffffffe280,0x7fffffffe260)
1045 pkg_add RET sigaction 0
1045 pkg_add CALL stat(0x7fffffffde80,0x7fffffffd600)
1045 pkg_add RET stat 0
1045 pkg_add CALL stat(0x40bb0c,0x7fffffffbd10)
1045 pkg_add RET stat 0
1045 pkg_add CALL statfs(0x40bb0c,0x7fffffffbb20)
1045 pkg_add RET statfs 0
1045 pkg_add CALL gettimeofday(0x7fffffffbb70,0)
1045 pkg_add RET gettimeofday 0
1045 pkg_add CALL getpid
1045 pkg_add RET getpid 1045/0x415
1045 pkg_add CALL open(0x800cb135f,0,0)
1045 pkg_add RET open 3
1045 pkg_add CALL read(0x3,0x7fffffffbb84,0x6c)
1045 pkg_add RET read 108/0x6c
1045 pkg_add CALL close(0x3)
1045 pkg_add RET close 0
1045 pkg_add CALL stat(0x7fffffffda80,0x7fffffffbc40)
1045 pkg_add RET stat 0
1045 pkg_add CALL mkdir(0x7fffffffda80,0x1c0)
1045 pkg_add RET mkdir 0
1045 pkg_add CALL chmod(0x7fffffffda80,0x1c0)
1045 pkg_add RET chmod 0
1045 pkg_add CALL statfs(0x7fffffffda80,0x7fffffffbb20)
1045 pkg_add RET statfs 0
1045 pkg_add CALL __getcwd(0x510220,0x400)
1045 pkg_add RET __getcwd 0
1045 pkg_add CALL chdir(0x7fffffffda80)
1045 pkg_add RET chdir 0
1045 pkg_add CALL readlink(0x800caa841,0x7fffffffbcf0,0x3f)
1045 pkg_add RET readlink -1 errno 2 No such file or directory
1045 pkg_add CALL issetugid
1045 pkg_add RET issetugid 0
1045 pkg_add CALL mmap(0,0x1000,0x3,0x1002,0xffffffff,0x800000000,0)
1045 pkg_add RET mmap 5476352/0x800539000
1045 pkg_add CALL break(0x545000)
1045 pkg_add RET break 0
1045 pkg_add CALL break(0x546000)
1045 pkg_add RET break 0
1045 pkg_add CALL break(0x547000)
1045 pkg_add RET break 0
1045 pkg_add CALL break(0x548000)
1045 pkg_add RET break 0
1045 pkg_add CALL
__sysctl(0x7fffffffbc08,0x2,0x7fffffffbbfc,0x7fffffffbc00,0,0)
1045 pkg_add RET __sysctl 0
1045 pkg_add CALL break(0x588000)
1045 pkg_add RET break 0
1045 pkg_add CALL sigaction(0x2,0x7fffffffbbe0,0x7fffffffbbc0)
1045 pkg_add RET sigaction 0
1045 pkg_add CALL sigaction(0x3,0x7fffffffbbe0,0x7fffffffbba0)
1045 pkg_add RET sigaction 0
1045 pkg_add CALL sigprocmask(0x1,0x7fffffffbb90,0x7fffffffbb80)
1045 pkg_add RET sigprocmask 0
1045 pkg_add CALL fork
1045 pkg_add RET fork 1046/0x416
1045 pkg_add CALL wait4(0x416,0x7fffffffbb7c,0,0)
1045 pkg_add RET wait4 1046/0x416
1045 pkg_add CALL sigaction(0x2,0x7fffffffbbc0,0)
1045 pkg_add RET sigaction 0
1045 pkg_add CALL sigaction(0x3,0x7fffffffbba0,0)
1045 pkg_add RET sigaction 0
1045 pkg_add CALL sigprocmask(0x3,0x7fffffffbb80,0)
1045 pkg_add RET sigprocmask 0
1045 pkg_add CALL break(0x558000)
1045 pkg_add RET break 0
1045 pkg_add CALL write(0x2,0x7fffffffb4a0,0x9)
1045 pkg_add RET write 9
1045 pkg_add CALL write(0x2,0x7fffffffb580,0x25)
1045 pkg_add RET write 37/0x25
1045 pkg_add CALL write(0x2,0x800db7e87,0x1)
1045 pkg_add RET write 1
1045 pkg_add CALL write(0x2,0x7fffffffb520,0x9)
1045 pkg_add RET write 9
1045 pkg_add CALL write(0x2,0x7fffffffb600,0x4f)
1045 pkg_add RET write 79/0x4f
1045 pkg_add CALL write(0x2,0x800db7e87,0x1)
1045 pkg_add RET write 1
1045 pkg_add CALL sigaction(0x2,0x7fffffffbd70,0x7fffffffbd50)
1045 pkg_add RET sigaction 0
1045 pkg_add CALL chdir(0x510220)
1045 pkg_add RET chdir 0
1045 pkg_add CALL
__sysctl(0x7fffffffbc78,0x2,0x7fffffffbc6c,0x7fffffffbc70,0,0)
1045 pkg_add RET __sysctl 0
1045 pkg_add CALL break(0x598000)
1045 pkg_add RET break 0
1045 pkg_add CALL sigaction(0x2,0x7fffffffbc50,0x7fffffffbc30)
1045 pkg_add RET sigaction 0
1045 pkg_add CALL sigaction(0x3,0x7fffffffbc50,0x7fffffffbc10)
1045 pkg_add RET sigaction 0
1045 pkg_add CALL sigprocmask(0x1,0x7fffffffbc00,0x7fffffffbbf0)
1045 pkg_add RET sigprocmask 0
1045 pkg_add CALL fork
1045 pkg_add RET fork 1048/0x418
1045 pkg_add CALL wait4(0x418,0x7fffffffbbec,0,0)
1045 pkg_add RET wait4 1048/0x418
1045 pkg_add CALL sigaction(0x2,0x7fffffffbc30,0)
1045 pkg_add RET sigaction 0
1045 pkg_add CALL sigaction(0x3,0x7fffffffbc10,0)
1045 pkg_add RET sigaction 0
1045 pkg_add CALL sigprocmask(0x3,0x7fffffffbbf0,0)
1045 pkg_add RET sigprocmask 0
1045 pkg_add CALL break(0x558000)
1045 pkg_add RET break 0
1045 pkg_add CALL sigaction(0x2,0x7fffffffbd80,0x7fffffffbd60)
1045 pkg_add RET sigaction 0
1045 pkg_add CALL exit(0x1)
bsd64-21#
More information about the freebsd-hackers
mailing list