With Kernel Care installed, I should be able to apply kernel patch by executing
`kcarectl --update`
However, it gives this error:
Updates already downloaded
Updates already downloaded
rmmod: ERROR: could not remove 'kcare': Operation not permitted
rmmod: ERROR: could not remove module kcare: Operation not permitted
Unable to unload kcare kmod 1
Below is my kernel configuration from /etc/asl/config, please advise what needs to change to allow `kcarectl` to work.
# Kernel configuration.
ALLOW_kmod_loading="yes"
MAX_USER_WATCHES="16384"
GRKERNSEC_DISABLE_PAX="no"
GRKERNSEC_DETER_BRUTEFORCE="no"
GRKERNSEC_CONSISTENT_SETXID="yes"
ENABLE_TPE="yes"
TPE_GROUP_POLICY="untrusted"
TPE_UNTRUSTED_USERS=""
TPE_TRUSTED_USERS=""
DISABLE_PRIVILEGED_IO="no"
AUDIT_MOUNT="no"
AUDIT_CHDIR="no"
AUDIT_PTRACE="yes"
AUDIT_TEXTREL="no"
CHROOT_CAPS="yes"
CHROOT_DENY_CHMOD="yes"
CHROOT_DENY_CHROOT="yes"
CHROOT_DENY_FCHDIR="yes"
CHROOT_DENY_MKNOD="yes"
CHROOT_DENY_MOUNT="yes"
CHROOT_DENY_PIVOT="yes"
CHROOT_DENY_SHMAT="yes"
CHROOT_DENY_SYSCTL="yes"
CHROOT_DENY_UNIX="yes"
CHROOT_ENFORCE_CHDIR="yes"
CHROOT_EXECLOG="no"
CHROOT_FINDTASK="yes"
CHROOT_RESTRICT_NICE="yes"
EXEC_LOGGING="no"
EXEC_LOG_USERS=""
DMESG="yes"
EXECVE_LIMITING="yes"
FIFO_RESTRICTIONS="yes"
FORKFAIL_LOGGING="yes"
HARDEN_PTRACE="yes"
IP_BLACKHOLE="yes"
LASTACK_RETRIES="4"
LINKING_RESTRICTIONS="yes"
RESOURCE_LOGGING="yes"
ROMOUNT_PROTECT="no"
RWXMAP_LOGGING="yes"
SIGNAL_LOGGING="yes"
SOCKET_ALL="yes"
SOCKET_USERS=""
SOCKET_CLIENT="yes"
SOCKET_CLIENT_USERS=""
SOCKET_SERVER="yes"
SOCKET_SERVER_USERS=""
TIMECHANGE_LOGGING="yes"
Unable to unload kcare kmod 1
- mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: Unable to unload kcare kmod 1
You dont need to use that with the ASL kernel, the ASL kernel is rebootless and does not need third party kernel patching tools. It will automatically patch itself in the very rare case when a patch is necessary.
Michael Shinn
Atomicorp - Security For Everyone
Atomicorp - Security For Everyone
-
- Forum Regular
- Posts: 661
- Joined: Mon Oct 29, 2007 6:51 pm
Re: Unable to unload kcare kmod 1
However, those of us who are using other kernels such as CloudLinux *do* need to do this, which I think is what the OP was asking for.
This is something I could use as well, as I see this on my systems too.
First guess would be that if you change
This is something I could use as well, as I see this on my systems too.
First guess would be that if you change
that you need to reboot before it lets you actually do it - or does this setting have no effect when using non ASL kernels?ALLOW_kmod_loading="yes"
-
- Forum Regular
- Posts: 661
- Joined: Mon Oct 29, 2007 6:51 pm
- mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: Unable to unload kcare kmod 1
That may be what you need to do. I would check with kernelcare, if you're not using our kernel then that setting is just asking whatever kernel you are using lock module loading, and how that works could vary differently and some kernels dont support that capability.
Michael Shinn
Atomicorp - Security For Everyone
Atomicorp - Security For Everyone