Page 1 of 1

debian and grsecurity

Posted: 2016-08-15 03:27
by cipheryouth
OS : Debian

kernel : 3.14.63-grsec

I have a redis docker containe.

After the "Full system learn", gradm -E, some warnings came up.

Code: Select all

warning: denied access to /proc/1/stat by /usr/local/bin/redis-server, parent /usr/bin/docker-containered-shim
So how can I fix it.

Thanks a lot.

Re: debian and grsecurity

Posted: 2016-08-15 03:38
by GarryRicketson
Forum guidelines. Please read before first post!
Before you start using Debian User Forums, please observe the following guidelines:

Do not cross post. Posting the same topic in more than one category only creates confusion and makes it hard to keep track on the various replies. Double posts will be locked.

Re: debian and grsecurity

Posted: 2016-08-15 03:40
by cipheryouth
And my policy is follow:

Code: Select all

subject /usr/local/bin/redis-server o {
     ...
     /proc/1/stat     r
     ...
}