Provided by: gradm_1.9.15-2_i386
gradm - Administration program for grsecurity ACLs
gradm [ -E ] [ -R ] [ -L [logfile] ] [ -O <filename|stream> ] [ -M
<filename|uid> ] [ -D ] [ -T <subject> <object> ] [ -P ] [ -a ] [ -h ]
[ -v ]
gradm is the userspace ACL parsing and authentication program for the
grsecurity Access Control List System.
grsecurity aims to be a complete security system for Linux 2.4. gradm
performs several tasks for the ACL system including authenticated via a
password to the kernel and parsing ACLs to be passed to the kernel.
All options to gradm are mutually exclusive, except for -L and -O.
-E Enable the ACL system
-R Reload the ACL system (only valid while in admin mode)
Remove an execution ban on a given uid or filename that has been
put in place by the RES_CRASH resource restriction of the ACL
Parses the learning logs. Accepts an optional argument which
specifies the kernel logfile to scan for the learning logs.
Learning logs are logged through syslog with a level of INFO.
If the argument is not specified, gradm will scan your
/etc/syslog.conf file to find a suitable log to scan. This
option has to be used with -O.
Specifies output mode. Requires a single argument that can be
"stdout", "stderr", or a regular file. Only used with -L.
-D Disable the ACL system
-T <subject> <object>
Displays the permissions for object allowed by subject
-P Setup the password for the ACL system
-a Obtain full administrative capabilities(override ACL system)
-h Display help information
-v Print version information and exit
Please include as much information as possible(using any available
debugging options) and send bug reports for gradm or the grsecurity ACL
system to firstname.lastname@example.org.
grsecurity and gradm were created and are maintained by Brad Spengler