rbac "audit preselection failed"

rbac "audit preselection failed"

Post by Ben Fitzgeral » Fri, 24 Mar 2006 02:22:27



Hi,

I want to use RBAC to let a user group of user accounts run a script as
another user.

Upon running the script I get the following error:

pfexec: audit preselection failed

In exec_attr:
WebSync:suser:cmd:::/home/web/dev.to.sta/aems-websync.dev.to.sta:uid=web;euid=web

In prof_attr:
WebSync:::Allow websync scripts:

In user_attr:
websync::::type=role;profiles=WebSync,All

Role websync has a home directory.

$ su - websync
$ /home/web/dev.to.sta/aems-websync.dev.to.sta
pfexec: audit preselection failed

Perhaps I'm missing something obvious that someone can help with?

One other point of note: I'm running winbindd for samba on this box.

Thanks very much,

Ben.

--
Registered Linux user number 339435

 
 
 

rbac "audit preselection failed"

Post by Erik C.J. Laa » Fri, 24 Mar 2006 08:05:00



> Hi,

> I want to use RBAC to let a user group of user accounts run a script as
> another user.

> Upon running the script I get the following error:

> pfexec: audit preselection failed

> In exec_attr:
> WebSync:suser:cmd:::/home/web/dev.to.sta/aems-websync.dev.to.sta:uid=web;euid=web

> In prof_attr:
> WebSync:::Allow websync scripts:

> In user_attr:
> websync::::type=role;profiles=WebSync,All

> Role websync has a home directory.

> $ su - websync
> $ /home/web/dev.to.sta/aems-websync.dev.to.sta
> pfexec: audit preselection failed

> Perhaps I'm missing something obvious that someone can help with?

> One other point of note: I'm running winbindd for samba on this box.

> Thanks very much,

> Ben.

This is caused by event 6180 missing from /etc/security/audit_event.
Event 6180 should read something like

6180:AUS_prof_cmd:profile command:ua,as

but this is from memory from a about 10 hours ago. This is probably fixed
with patch 109007-21 or some earlier revision of that patch.

HTH, Erik.