You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Linux Mint, the fapolicyd packet from repository (I don't know how to check the package version)
fapolicyd/noble,now 1.3.2+20231212+git973a86d1b4-1build2 amd64
But "bash" and "cut" for user not allowed. (su: failed to execute /bin/bash: Operation not permitted)
"ausearch -i -m fanotify" show <no matches>.
If I disable the "deny_audit perm=any uid=f : all" rule the "bash" and "cut" is allowed.
P.S.
if I add rule
"allow perm=execute uid=f : dir=/usr/bin/"
"bash" is not allowed
If I add
"allow perm=execute uid=f : dir=/usr"
"bash" is allowed
The text was updated successfully, but these errors were encountered:
Linux Mint, the fapolicyd packet from repository (I don't know how to check the package version)
fapolicyd/noble,now 1.3.2+20231212+git973a86d1b4-1build2 amd64
rules.d.zip
In the file "10-f.rules" in "rules.d" (see attachement) I created rules
allow perm=execute uid=f : path=/usr/bin/cut
allow perm=execute uid=f : path=/bin/cut
allow perm=execute uid=f : path=/bin/bash
allow perm=execute uid=f : path=/usr/bin/bash
allow perm=open uid=f : all
deny_audit perm=any uid=f : all
But "bash" and "cut" for user not allowed. (su: failed to execute /bin/bash: Operation not permitted)
"ausearch -i -m fanotify" show
<no matches>.If I disable the "deny_audit perm=any uid=f : all" rule the "bash" and "cut" is allowed.
P.S.
if I add rule
"allow perm=execute uid=f : dir=/usr/bin/"
"bash" is not allowed
If I add
"allow perm=execute uid=f : dir=/usr"
"bash" is allowed
The text was updated successfully, but these errors were encountered: