Mageia forum

share the magic

Skip to content

Lots of errors in MSEC logs

This forum is dedicated to basic help and support :

Ask here your questions about basic installation and usage of Mageia. For example you may post here all your questions about getting Mageia isos and installing it, configuring your printer, using your word processor etc.

Try to ask your questions in the right sub-forum with as much details as you can gather. the more precise the question will be, the more likely you are to get a useful answer
Post a reply

Lots of errors in MSEC logs

Postby zugunder » Jan 20th, '12, 18:50

Hi,

I took a look at the log file of the weekly MSEC check and there are a lot of errors. I guess, some of them are not important, but the issues with bootloader and wrong file names and attributes may cause some problems...
Could I ask anyone to take a look at the log file?

Thank you.

P.S. I should have been more specific I guess...
So here are the things that seem to be wrong:
bootloader ->
Error: Missing file or directory: "/boot/grub/grub.conf" (Bootloader configuration file)
bootloader: ERROR
The thing is that I do not have grub.conf at this location (actually, I do not find it at all...).
Warning: Can't read a constant UT_NAMESIZE, header file /usr/include/bits/utmp.h not found
Error: /etc/group: Line 1: Group root has too long name.
and many others of similar kind.
I do not have a /usr/include/bits/ folder at all on my system either.
Error: Home directory of user "rpm" is world-readable.
Error: Home directory of user "rpm" is world-accessible.

Should it be like this or is it an error?
Error: Home directory of user "rpcuser" has wrong uid: 0. Expected uid is 488.
Warning: Home directory of user "rpcuser" has wrong gid: 0. Expected gid is 484.

Should I manually change the ids?
root_dirs ->
Error: There should not be a "/.config" directory under "/"
root_dirs: ERROR

filesystem ->
filesystem: FAIL

I have no idea why filesystem check fails...
Attachments
MSEC.txt
(22.95 KiB) Downloaded 72 times
zugunder
 
Posts: 388
Joined: Jun 10th, '11, 00:22
Top

Re: Lots of errors in MSEC logs

Postby doktor5000 » Jan 20th, '12, 22:00

Those probably come from sectool, not from msec itself, and this is due the fact that sectool wasn't adapted to Mageia, it uses the default configuration, which is for fedora. Sectool will probably be removed for Mageia 2, you can also remove it if you want to. Take a look at https://bugs.mageia.org/show_bug.cgi?id=2808 for further information
Cauldron is not for the faint of heart!
Caution: Hot, bubbling magic inside. May explode or cook your kittens!
----
Disclaimer: Beware of allergic reactions in answer to unconstructive complaint-type posts
User avatar
doktor5000
 
Posts: 18054
Joined: Jun 4th, '11, 10:10
Location: Leipzig, Germany
Top

Re: Lots of errors in MSEC logs

Postby zugunder » Jan 21st, '12, 00:06

Thank you, it seems to be clear now.
Do you suggest just to set CHECK_SECTOOL parameter in Periodic checks to Disabled or is it necessary to remove the whole sectool from the system?
zugunder
 
Posts: 388
Joined: Jun 10th, '11, 00:22
Top

Re: Lots of errors in MSEC logs

Postby doktor5000 » Jan 21st, '12, 01:13

Whatever you like better :)
Cauldron is not for the faint of heart!
Caution: Hot, bubbling magic inside. May explode or cook your kittens!
----
Disclaimer: Beware of allergic reactions in answer to unconstructive complaint-type posts
User avatar
doktor5000
 
Posts: 18054
Joined: Jun 4th, '11, 10:10
Location: Leipzig, Germany
Top

Re: Lots of errors in MSEC logs

Postby zugunder » Jan 23rd, '12, 23:20

BTW, what is the difference between options "no" and "Disabled" for the parameter CHECK_SECTOOL in MSEC: System security and audit > Periodic checks?

Thank you.
zugunder
 
Posts: 388
Joined: Jun 10th, '11, 00:22
Top
Post a reply

Return to Basic support

Who is online

Users browsing this forum: No registered users and 1 guest

Powered by phpBB® Forum Software © phpBB Group
cron