HPE Community
Secure OS Software for Linux
1753797 Members
7963 Online
108805 Solutions
New Discussion юеВ

Re: tlinux has no net connection

 
Luis_23
Occasional Contributor

тАО04-02-2002 09:53 PM

тАО04-02-2002 09:53 PM

tlinux has no net connection

I just installed hplx on my machine and everything seemed to work fine untill I tried to telnet to another machine. As a matter of fact, not a single connection can be made to any machine.
I have followed the instructions for the ssh keys, but those dont seem to work ither.
I have installed to the kernel (followed the direct instructions), but tlinux still does not work properlly. If I use vmlinux, I can connect to any machine without a problem, but of course, I cant set any compartments.
One last problem is that under tlinux, I can't start the X window server. Yet again, I can do it with the vmlinux kernel.
Any ideas on how to fix this would be nice. Thanks.
"Climbing is life. The rest? Only details..."
0 Kudos
5 REPLIES 5
Hal Rottenberg
Frequent Advisor

тАО04-03-2002 05:28 AM

тАО04-03-2002 05:28 AM

Re: tlinux has no net connection

Luis,

It sounds to me like you are in the system compartment. By design, when you login via the console or ssh in to your tlinux box, you are placed into the system compartment, which has no network connectivity. To "get out" of your box, you'll have to change compartments.

For administration purposes, you'll commonly want to change to the syshi compartment, which has no restrictions at all and you can pretty much do anything you would do on a standard linux system without our security modules loaded. This is done with a "tlsetcomp syshi" command.

To go into more detail, when at the console, only the first virtual console has the permission to change compartments. This is defined in /etc/inittab. Note below the "t_respawn" is where we hook into the first tty.

# Run gettys in standard runlevels
1:2345:t_respawn:/sbin/mingetty tty1
2:2345:respawn:/sbin/mingetty tty2
...

When coming in via SSH, the compartment and permissions given by user are defined in /etc/tlinux/users/access. For example:

tlinuxadm:system:adm,setcomp:

This means the user tlinuxadm is spawned into the system compartment, and is given tlinux administration permissions and the ability to change compartments.

Regards,

Hal
If at first you don't succeed, then skydiving isn't for you.
0 Kudos
Hal Rottenberg
Frequent Advisor

тАО04-03-2002 05:32 AM

тАО04-03-2002 05:32 AM

Re: tlinux has no net connection

Can you post more information on your X problem? Error messages or the like would be nice.
If at first you don't succeed, then skydiving isn't for you.
0 Kudos
Luis_23
Occasional Contributor

тАО04-03-2002 11:13 AM

тАО04-03-2002 11:13 AM

Re: tlinux has no net connection

 
"Climbing is life. The rest? Only details..."
0 Kudos
Luis_23
Occasional Contributor

тАО04-03-2002 11:21 AM

тАО04-03-2002 11:21 AM

Re: tlinux has no net connection

All I can see from the log is that it might be that some modules are not loaded.
I have compiled & recompiled the kernel to make sure I have all the appropriate modules
installed, but I still get the same error.
"Climbing is life. The rest? Only details..."
0 Kudos
Hal Rottenberg
Frequent Advisor

тАО04-04-2002 04:59 AM

тАО04-04-2002 04:59 AM

Re: tlinux has no net connection

Luis, you probably need to install our new kernel patch. Depending on your CPU (i586, i686, or i686 SMP), this problem was resolved by patches HPTL_00004, HPTL_00005, or HPTL_00006. Those have since been superseded by 13, 14, and 15.

Steps to download:

- click the Maintenance and Support link to the left
- click Individual Patches under the Patching section
- click patches for applications on other platforms
- check the first box "INTEL LINUX patches" and click search

At least, you want to grab 13,14 or 15, depending on your CPU, and you probably want to grab the others as well.

A related subject is how to be notified when new patches or bulletins come out. To do this, also go to Maintenance and Support. Then click on the last link "support information digests" and follow the directions to subscribe to the HP Secure OS Software for Linux security bulletins digest.

Regards,

Hal
If at first you don't succeed, then skydiving isn't for you.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.