I have some problems with setting the right policy for my Gentoo-based system. I have no idea how I can add permissions for everything which was started by /root/scripts/autosync. I am getting an error like:
[code]grsec: (default:D:/) denied access of /etc for writing by /usr/bin/python2.6[emerge:24710] uid/euid:0/0 gid/egid:0/0, parent /root/scripts/autosync[autosync:24708] uid/euid:0/0 gid/egid:0/0 [/code]
Looks like I can't set permissions for this script, which is a dash shell script, to write to /etc, etc. Also, the subject /root/scripts/autosync:* does not work for me. Any solution?
Setting a SUID on a script usually doesn't work. You could try to run it through sudo?
In the /etc/sudoers file, you can restrict users to only execute a limited set of commands (such as this script), under a particular set of privileges, such as root.
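
The denial quoted in the question records the role and subject the access was checked under, `(default:D:/)`, along with the denied object, the process and its parent. As an added example (not part of the thread or of grsecurity), this Python sketch parses such lines and groups denials per subject; the field layout is inferred from the quoted line, and the second and third sample lines are constructed.

```python
import re
from collections import Counter

# One process field: /path[comm:pid] uid/euid:U/E gid/egid:G/E
PROC = r"(\S+)\[(.+?):(\d+)\] uid/euid:(\d+)/(\d+) gid/egid:(\d+)/(\d+)"
# Layout inferred from the denial quoted in the thread (an assumption,
# not taken from grsecurity documentation).
DENIAL = re.compile(
    r"grsec: \(([^:]+):([A-Z]):([^)]+)\) denied (\w+) of (\S+) "
    r"for ([a-z ]+?) by " + PROC + r", parent " + PROC
)

def parse_denial(line):
    """Return the fields of one denial line, or None if it does not match."""
    m = DENIAL.search(line)
    if not m:
        return None
    g = m.groups()
    return {
        "role": g[0], "role_type": g[1], "subject": g[2],
        "object": g[4], "mode": g[5],
        "exe": g[6], "comm": g[7], "pid": int(g[8]), "euid": int(g[10]),
        "parent_exe": g[13], "parent_comm": g[14], "parent_pid": int(g[15]),
    }

def summarize(lines):
    """Count denials per (role, subject, exe, object, mode)."""
    hits = Counter()
    for line in lines:
        d = parse_denial(line)
        if d:
            hits[(d["role"], d["subject"], d["exe"], d["object"], d["mode"])] += 1
    return hits

SAMPLE = [
    # Line from the question.
    "grsec: (default:D:/) denied access of /etc for writing by /usr/bin/python2.6[emerge:24710] uid/euid:0/0 gid/egid:0/0, parent /root/scripts/autosync[autosync:24708] uid/euid:0/0 gid/egid:0/0",
    # Constructed: the same denial from a later run of the script.
    "grsec: (default:D:/) denied access of /etc for writing by /usr/bin/python2.6[emerge:25102] uid/euid:0/0 gid/egid:0/0, parent /root/scripts/autosync[autosync:25100] uid/euid:0/0 gid/egid:0/0",
    # Constructed: unrelated kernel message, ignored by the parser.
    "kernel: eth0: link up",
]

if __name__ == "__main__":
    for (role, subj, exe, obj, mode), n in summarize(SAMPLE).items():
        print(f"{n}x role={role} subject={subj} {exe} -> {obj} ({mode})")
```

For the line in the question, the output shows the write to /etc by /usr/bin/python2.6 being checked under subject `/` of the default role, with /root/scripts/autosync appearing only as the parent.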