Read_Icculus Posted May 30, 2003 Report Share Posted May 30, 2003 I recently installed 9.1 after using 9.0 for a long time and I've had a few problems configuring my system's security settings the same way. I go into the control center, then DrakSec to set up specific settings, like "allow_remote_root_login" under "Network Options, System Options, Periodic Checks". I set all of my options and everything seems to go normally except I've noticed that "enable_console_log" won't work no matter how many times I've tried to set it through DrakSec. Also all of my options are reset/dissapear everytime I start up DrakSec making me wonder if they are working, or not working like the console log on vt12. I've updated all of the packages via the official update mirrors in urpmi and I still have the same problem. Thanks for your help. Quote Link to comment Share on other sites More sharing options...
bvc Posted May 31, 2003 Report Share Posted May 31, 2003 Welcome! See if this helps :) http://www.mandrakeusers.org/viewtopic.php?t=4564 Quote Link to comment Share on other sites More sharing options...
Read_Icculus Posted May 31, 2003 Author Report Share Posted May 31, 2003 Thanks for the response. Actually I already knew about msec, I was looking for a bit more refined level of security besides the defaults provided by level 1, 2, 3, etc. As even level 4 allows remote root login with a password. But anyway I bumped up security to "high" in DrakSec, and set my options, (console log on v12 being among my most valued), and it seems to work. Although if "high" is msec level 3 then it might just be on that and my specific options might not have taken since console log, (the only noticeable option I checked), is enabled by default on level 3. So I went rooting around for a config file and /etc/security/msec/security.conf and all the other files in there don't tell me anything about my settings at all. In fact they're empty. So I guess I'll try enabling some specific types of security checks that aren't part of msec level 3 and see if my mucking around with DrakSec has accomplished anything. Quote Link to comment Share on other sites More sharing options...
bvc Posted May 31, 2003 Report Share Posted May 31, 2003 regarding your settings being reset, this shouldn't happen if your changes are in /etc/security/msec/perm.local. Honestly, I haven't messed with msec in 9.1, but in 9.0 I think it was called DrakPerm and it was useless. I did everything from the command line and the setting would stick. Quote Link to comment Share on other sites More sharing options...
Read_Icculus Posted May 31, 2003 Author Report Share Posted May 31, 2003 Maybe that's part of the problem. I don't have a perm.local. Here's an ls of /etc/security/msec/ level.local security.conf* server.4 server.5 level.local and security.conf are blank, the server.4 and 5 files are just lists of commands and whatnot. I'll try some of the security checks before long and see if those settings "stick". Quote Link to comment Share on other sites More sharing options...
Read_Icculus Posted May 31, 2003 Author Report Share Posted May 31, 2003 After taking a look at the man page for msec I notice that my current config is in /var/lib/msec/security.conf CHECK_SHADOW=yes CHECK_SUID_MD5=yes CHECK_UNOWNED=no CHECK_SECURITY=yes CHECK_PASSWD=yes SYSLOG_WARN=yes CHECK_SUID_ROOT=yes CHECK_PERMS=yes MAIL_EMPTY_CONTENT=no CHECK_WRITABLE=yes CHKROOTKIT_CHECK=yes CHECK_PROMISC=no CHECK_SGID=yes RPM_CHECK=yes TTY_WARN=no MAIL_WARN=yes CHECK_OPEN_PORT=yes So can I just edit this file and set my options that way after an "msec -something"? Or do I have to edit a file in /etc/security/msec? And does a simple invocation of msec (1, 2, 3) setup my security level according to the *.conf file? Or what? I've tried reading through the msec man page a few times and doing a search on mandrake secure or what have you with no luck. Quote Link to comment Share on other sites More sharing options...
bvc Posted May 31, 2003 Report Share Posted May 31, 2003 /var/lib/msec/security.conf is where the default levels are set depending on the level you choose. Changes to these settings are done in /etc/security/msec/security.conf, or.....for customizations like yours....have you read Customizing msec With Overrides @ http://www.mandrakesecure.net/en/docs/msec.php ? Quote Link to comment Share on other sites More sharing options...
Read_Icculus Posted May 31, 2003 Author Report Share Posted May 31, 2003 Thanks! That looks like it'll solve my problems. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.