mirror of https://github.com/Qortal/Brooklyn
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
121 lines
8.8 KiB
121 lines
8.8 KiB
#define DEFAULTSECMSG "%.256s[%.16s:%d] uid/euid:%u/%u gid/egid:%u/%u, parent %.256s[%.16s:%d] uid/euid:%u/%u gid/egid:%u/%u" |
|
#define GR_ACL_PROCACCT_MSG "%.256s[%.16s:%d] IP:%pI4 TTY:%.64s uid/euid:%u/%u gid/egid:%u/%u run time:[%ud %uh %um %us] cpu time:[%ud %uh %um %us] %s with exit code %ld, parent %.256s[%.16s:%d] IP:%pI4 TTY:%.64s uid/euid:%u/%u gid/egid:%u/%u" |
|
#define GR_PTRACE_ACL_MSG "denied ptrace of %.950s(%.16s:%d) by " |
|
#define GR_STOPMOD_MSG "denied modification of module state by " |
|
#define GR_ROFS_BLOCKWRITE_MSG "denied write to block device %.950s by " |
|
#define GR_ROFS_MOUNT_MSG "denied writable mount of %.950s by " |
|
#define GR_IOPERM_MSG "denied use of ioperm() by " |
|
#define GR_IOPL_MSG "denied use of iopl() by " |
|
#define GR_SHMAT_ACL_MSG "denied attach of shared memory of UID %u, PID %d, ID %u by " |
|
#define GR_UNIX_CHROOT_MSG "denied connect() to abstract AF_UNIX socket outside of chroot by " |
|
#define GR_SHMAT_CHROOT_MSG "denied attach of shared memory outside of chroot by " |
|
#define GR_MEM_READWRITE_MSG "denied access of range %Lx -> %Lx in /dev/mem by " |
|
#define GR_SYMLINK_MSG "not following symlink %.950s owned by %d.%d by " |
|
#define GR_LEARN_AUDIT_MSG "%s\t%u\t%u\t%u\t%.4095s\t%.4095s\t%lu\t%lu\t%.4095s\t%lu\t%pI4" |
|
#define GR_ID_LEARN_MSG "%s\t%u\t%u\t%u\t%.4095s\t%.4095s\t%c\t%d\t%d\t%d\t%pI4" |
|
#define GR_HIDDEN_ACL_MSG "%s access to hidden file %.950s by " |
|
#define GR_OPEN_ACL_MSG "%s open of %.950s for%s%s by " |
|
#define GR_CREATE_ACL_MSG "%s create of %.950s for%s%s by " |
|
#define GR_FIFO_MSG "denied writing FIFO %.950s of %d.%d by " |
|
#define GR_MKNOD_CHROOT_MSG "denied mknod of %.950s from chroot by " |
|
#define GR_MKNOD_ACL_MSG "%s mknod of %.950s by " |
|
#define GR_UNIXCONNECT_ACL_MSG "%s connect() to the unix domain socket %.950s by " |
|
#define GR_TTYSNIFF_ACL_MSG "terminal being sniffed by IP:%pI4 %.480s[%.16s:%d], parent %.480s[%.16s:%d] against " |
|
#define GR_MKDIR_ACL_MSG "%s mkdir of %.950s by " |
|
#define GR_RMDIR_ACL_MSG "%s rmdir of %.950s by " |
|
#define GR_UNLINK_ACL_MSG "%s unlink of %.950s by " |
|
#define GR_SYMLINK_ACL_MSG "%s symlink from %.480s to %.480s by " |
|
#define GR_HARDLINK_MSG "denied hardlink of %.930s (owned by %d.%d) to %.30s for " |
|
#define GR_LINK_ACL_MSG "%s link of %.480s to %.480s by " |
|
#define GR_INHERIT_ACL_MSG "successful inherit of %.480s's ACL for %.480s by " |
|
#define GR_RENAME_ACL_MSG "%s rename of %.480s to %.480s by " |
|
#define GR_UNSAFESHARE_EXEC_ACL_MSG "denied exec with cloned fs of %.950s by " |
|
#define GR_PTRACE_EXEC_ACL_MSG "denied ptrace of %.950s by " |
|
#define GR_NNP_EXEC_ACL_MSG "denied exec of %.950s due to NNP by " |
|
#define GR_EXEC_ACL_MSG "%s execution of %.950s by " |
|
#define GR_EXEC_TPE_MSG "denied untrusted exec (due to %.70s) of %.950s by " |
|
#define GR_SEGVSTART_ACL_MSG "possible exploit bruteforcing on " DEFAULTSECMSG " banning uid %u from login for %lu seconds" |
|
#define GR_SEGVNOSUID_ACL_MSG "possible exploit bruteforcing on " DEFAULTSECMSG " banning execution for %lu seconds" |
|
#define GR_MOUNT_CHROOT_MSG "denied mount of %.256s as %.930s from chroot by " |
|
#define GR_PIVOT_CHROOT_MSG "denied pivot_root from chroot by " |
|
#define GR_TRUNCATE_ACL_MSG "%s truncate of %.950s by " |
|
#define GR_ATIME_ACL_MSG "%s access time change of %.950s by " |
|
#define GR_ACCESS_ACL_MSG "%s access of %.950s for%s%s%s by " |
|
#define GR_CHROOT_CHROOT_MSG "denied double chroot to %.950s by " |
|
#define GR_CHROOT_RENAME_MSG "denied bad rename of %.950s out of a chroot by " |
|
#define GR_CHMOD_CHROOT_MSG "denied chmod +s of %.950s by " |
|
#define GR_CHMOD_ACL_MSG "%s chmod of %.950s by " |
|
#define GR_CHROOT_FCHDIR_MSG "denied fchdir outside of chroot to %.950s by " |
|
#define GR_CHROOT_PATHAT_MSG "denied relative path access outside of chroot to %.950s by " |
|
#define GR_CHROOT_FHANDLE_MSG "denied use of file handles inside chroot by " |
|
#define GR_CHOWN_ACL_MSG "%s chown of %.950s by " |
|
#define GR_SETXATTR_ACL_MSG "%s setting extended attribute of %.950s by " |
|
#define GR_REMOVEXATTR_ACL_MSG "%s removing extended attribute of %.950s by " |
|
#define GR_WRITLIB_ACL_MSG "denied load of writable library %.950s by " |
|
#define GR_INITF_ACL_MSG "init_variables() failed %s by " |
|
#define GR_DISABLED_ACL_MSG "Error loading %s, trying to run kernel with acls disabled. To disable acls at startup use <kernel image name> gracl=off from your boot loader" |
|
#define GR_DEV_ACL_MSG "/dev/grsec: %d bytes sent %d required, being fed garbage by " |
|
#define GR_SHUTS_ACL_MSG "shutdown auth success for " |
|
#define GR_SHUTF_ACL_MSG "shutdown auth failure for " |
|
#define GR_SHUTI_ACL_MSG "ignoring shutdown for disabled RBAC system for " |
|
#define GR_SEGVMODS_ACL_MSG "segvmod auth success for " |
|
#define GR_SEGVMODF_ACL_MSG "segvmod auth failure for " |
|
#define GR_SEGVMODI_ACL_MSG "ignoring segvmod for disabled RBAC system for " |
|
#define GR_ENABLE_ACL_MSG "%s RBAC system loaded by " |
|
#define GR_ENABLEF_ACL_MSG "unable to load %s for " |
|
#define GR_RELOADI_ACL_MSG "ignoring reload request for disabled RBAC system" |
|
#define GR_RELOAD_ACL_MSG "%s RBAC system reloaded by " |
|
#define GR_RELOADF_ACL_MSG "failed reload of %s for " |
|
#define GR_SPROLEI_ACL_MSG "ignoring change to special role for disabled RBAC system for " |
|
#define GR_SPROLES_ACL_MSG "successful change to special role %s (id %d) by " |
|
#define GR_SPROLEL_ACL_MSG "special role %s (id %d) exited by " |
|
#define GR_SPROLEF_ACL_MSG "special role %s failure for " |
|
#define GR_UNSPROLEI_ACL_MSG "ignoring unauth of special role for disabled RBAC system for " |
|
#define GR_UNSPROLES_ACL_MSG "successful unauth of special role %s (id %d) by " |
|
#define GR_INVMODE_ACL_MSG "invalid mode %d by " |
|
#define GR_PRIORITY_CHROOT_MSG "denied priority change of process (%.16s:%d) by " |
|
#define GR_FAILFORK_MSG "failed fork with errno %s by " |
|
#define GR_NICE_CHROOT_MSG "denied priority change by " |
|
#define GR_UNISIGLOG_MSG "%.32s occurred at %p in " |
|
#define GR_DUALSIGLOG_MSG "signal %d sent to " DEFAULTSECMSG " by " |
|
#define GR_SIG_ACL_MSG "denied send of signal %d to protected task " DEFAULTSECMSG " by " |
|
#define GR_SYSCTL_MSG "denied modification of grsecurity sysctl value : %.32s by " |
|
#define GR_SYSCTL_ACL_MSG "%s sysctl of %.950s for%s%s by " |
|
#define GR_TIME_MSG "time set by " |
|
#define GR_DEFACL_MSG "fatal: unable to find subject for (%.16s:%d), loaded by " |
|
#define GR_MMAP_ACL_MSG "%s executable mmap of %.950s by " |
|
#define GR_MPROTECT_ACL_MSG "%s executable mprotect of %.950s by " |
|
#define GR_SOCK_MSG "denied socket(%.16s,%.16s,%.16s) by " |
|
#define GR_SOCK_NOINET_MSG "denied socket(%.16s,%.16s,%d) by " |
|
#define GR_BIND_MSG "denied bind() by " |
|
#define GR_CONNECT_MSG "denied connect() by " |
|
#define GR_BIND_ACL_MSG "denied bind() to %pI4 port %u sock type %.16s protocol %.16s by " |
|
#define GR_CONNECT_ACL_MSG "denied connect() to %pI4 port %u sock type %.16s protocol %.16s by " |
|
#define GR_IP_LEARN_MSG "%s\t%u\t%u\t%u\t%.4095s\t%.4095s\t%pI4\t%u\t%u\t%u\t%u\t%pI4" |
|
#define GR_EXEC_CHROOT_MSG "exec of %.980s within chroot by process " |
|
#define GR_CAP_ACL_MSG "use of %s denied for " |
|
#define GR_CAP_CHROOT_MSG "use of %s in chroot denied for " |
|
#define GR_CAP_ACL_MSG2 "use of %s permitted for " |
|
#define GR_USRCHANGE_ACL_MSG "change to uid %u denied for " |
|
#define GR_GRPCHANGE_ACL_MSG "change to gid %u denied for " |
|
#define GR_REMOUNT_AUDIT_MSG "remount of %.256s by " |
|
#define GR_UNMOUNT_AUDIT_MSG "unmount of %.256s by " |
|
#define GR_MOUNT_AUDIT_MSG "mount of %.256s to %.256s by " |
|
#define GR_CHDIR_AUDIT_MSG "chdir to %.980s by " |
|
#define GR_EXEC_AUDIT_MSG "exec of %.930s (%.128s) by " |
|
#define GR_RESOURCE_MSG "denied resource overstep by requesting %lu for %.16s against limit %lu for " |
|
#define GR_RWXMMAP_MSG "denied RWX mmap of %.950s by " |
|
#define GR_RWXMPROTECT_MSG "denied RWX mprotect of %.950s by " |
|
#define GR_TEXTREL_AUDIT_MSG "allowed %s text relocation transition in %.950s, VMA:0x%08lx 0x%08lx by " |
|
#define GR_PTGNUSTACK_MSG "denied marking stack executable as requested by PT_GNU_STACK marking in %.950s by " |
|
#define GR_VM86_MSG "denied use of vm86 by " |
|
#define GR_PTRACE_AUDIT_MSG "process %.950s(%.16s:%d) attached to via ptrace by " |
|
#define GR_PTRACE_READEXEC_MSG "denied ptrace of unreadable binary %.950s by " |
|
#define GR_INIT_TRANSFER_MSG "persistent special role transferred privilege to init by " |
|
#define GR_BADPROCPID_MSG "denied read of sensitive /proc/pid/%s entry via fd passed across exec by " |
|
#define GR_SYMLINKOWNER_MSG "denied following symlink %.950s since symlink owner %u does not match target owner %u, by " |
|
#define GR_BRUTE_DAEMON_MSG "bruteforce prevention initiated for the next 30 minutes or until service restarted, stalling each fork 30 seconds. Please investigate the crash report for " |
|
#define GR_BRUTE_SUID_MSG "bruteforce prevention initiated due to crash of %.950s against uid %u, banning suid/sgid execs for %u minutes. Please investigate the crash report for " |
|
#define GR_IPC_DENIED_MSG "denied %s of overly-permissive IPC object with creator uid %u by " |
|
#define GR_TIOCSTI_MSG "denied unprivileged use of TIOCSTI by " |
|
#define GR_MSRWRITE_MSG "denied write to CPU MSR by "
|
|
|