I am aware of Apparmor and specifically how it can be used to limit a program’s access rights where of the file-system permissions otherwise allow. What I’m less clear on is whether it’s possible for Apparmor or any similar security module to completely override a program’s access rights. Can they grant a program access to read/write/execute files that the user otherwise has no access to.
I’m asking for what the Linux Kernel will allow such a security module to do, not what existing security modules can be configured to do.
Can security modules completely override Linux Kernel’s access model?
Go to Source
Author: Philip Couling
I try to setup g_mass_Storage to serve mass_storage device on my nanopi neo air with friendlycore (lichee) 3.4 onboard. Module successfully loaded and report, that it has reached ready state, but no device found on pc.
My configuration (in /etc/modprobe.d):
options g_mass_storage file=/mass_storage stall=0 iSerialNumber="Item_1" iProduct="Some_product" iManufacturer="I"
/mass_storage is image which i get by dd 2gb from /dev/zero and then partioning with fdisk.
There is dmesg out:
usb close backing file: 0xd4893000
[ 2801.326443] usb open backing file: /mass_storage, 0xd4893800
[ 2801.326814] g_mass_storage gadget: Mass Storage Function, version: 2009/09/11
[ 2801.326846] g_mass_storage gadget: Number of LUNs=1
[ 2801.326885] lun0: LUN: removable file: /mass_storage
[ 2801.326945] ep_matches, wrn: endpoint already claimed, ep(0xc09e5924, 0xbf145818, ep1in-bulk)
[ 2801.326981] g_mass_storage gadget: Mass Storage Gadget, version: 2009/09/11
[ 2801.327027] g_mass_storage gadget: g_mass_storage ready
I’m carring about “endpoint already claimed” message – what does it mean? Can this fact – already claimed endpoint – lead to unrecognizing device on pc? How i can repair it? Or what else can be whong with my g_mass_storage configuration?
Go to Source
Author: Ksnadr Renderon