gradm2 needs a device entry:
gradm2 needs a special entry, a device called /dev/grsec to communicate with
the kernel. It's not created for you, so if you don't already have it and you
don't have devfs or udev please create this as root with the following command:
mknod -m 0622 /dev/grsec2 c 1 13

Changes of release 2.1.6:

    * PaX updates
    * Inverted socket policies (see the sample policy with gradm for syntax)
    * gradm now can work on both 2.4 and 2.6 kernels without requiring a
      recompile for the currently running kernel
    * ATI Radeon (and more) video cards will work properly with the
      /dev/(k)mem restriction feature
    * PAM authentication support has been added to the RBAC system for special
      roles, which allows you to use a variety of different authentication
      methods in place of the regular kernel-based password authentication.
    * A new subject flag was added to be placed on binaries that are allowed to
      communicate with the /dev/grsec device. The "a" mode should be added to
      special roles like the admin role. The sample policy has been updated to
      reflect this change
    * The learn_config file has been updated with new rules to facilitate
      better reduced policies
    * The always-reduce-path directive in learn_config is now interpreted by
      the learning daemon itself, allowing paths to be rewritten before they
      ever reach the disk
    * Various other bugs have been fixed, including improper role reduction in
      some cases in policy generation