Grsecurity/Troubleshooting
Appearance
This page lists problems that might arise during deployment and usage of grsecurity.
Policies generated by the Full System Learning mode are lumped under role default, subject /
[edit | edit source]The -F switch for gradm is important, without it the log is assumed to be a process or role-based learning log and results in a single role or single subject policy being generated. The correct invocation after a Full System Learning phase is:
# gradm -F -L /etc/grsec/learning.logs -O /etc/grsec/policy