Documentation
This article describes the activation from RSBAC. It also contains other for me usefull stuff.
Why I chose RSBAC?
The first contact I have got through an article in the linux magazin. Since this time I am using RSBAC. Through this I have learned a lot and still be learning. Thanks to all people which have helped me a lot. Mainly on the irc chanel rsbac on freenode.
Requirements
Some linux skills will needs. When you have minimum skills from LPI 1 corresponding this is a good point to start. Otherwise you will have hard struggle with basic linux commands.
RSBAC can use on every modern computer on which the linux kernel 2.4 or 2.6 runs. I have tested it on an old cpu with 133Mhz and 64MB. Also without problems on a modern amd dualcore cpu and intel quadcore cpu both have 8GB ram and other on computers that runs linux. Very few hard disk space would be needed. Roughly 10MB for the rsbac-admin tools and additional disk space for the rsbac kernel when they are installed.
Don’t forget the disk space for the logfile!
This can grow very fast in some circumstances. It can be from few megabytes till to several gigabytes in one hour.
Preparations
Attention, dont forget to backup your data!
Download a prepatched kernel or patch the kernel by yourself. Download the rsbac-admin tool. Take a look on the overview site. Here is a short help for: Howto use rsbac git repository.
Kernel installation
Install the rsbac-kernel and the rsabc-admin tool.
After this task the system is ready. The main difference between RSBAC and SELinux for the system preparation is, that every package have compiled for SELinux awareness once again .
Uninstall
If you want remove RSBAC from your system, boot a non rsbac kernel and remove rsbac.dat from every partition where you find it.
Thats all, except you had UM use. Then you must restore the authentification files. For example: nsswitch.conf and the pam files.
Manpages
Manpages for rsbac-admin tools.
Modules
Official website to Security Modules. The part below is structurs from the simple up to the difficult RSBAC modules.
RSBAC AUTH
pass
RSBAC PAX
pass
RSBAC AUTH
pass
RSBAC JAIL
Why you want use a jail.
The run-jail is a python-script with simple text configuration files for rsbac_jail. So, it can be use on init scripts to prepare the daemons with jail while system is booting .
If you need help to get the right paramaters for rsbac_jail then see explain jail messages.
RSBAC CAP
Why you want to use cap.
RSBAC ACL
Example setup the acl groups use.
RSBAC UM
Replace the standard pam through rsbac-pam with the RSBAC UM (User Management).
RSBAC RC
For me is RSBAC RC the most powerfull but difficult to use module.
KVM on RSBAC
- Install gentoo-hardened
- Run the guest process by an unpriviliged user (see HowTo)
- Setup rsbac_jail for a kvm-guest (see kvm guest jail)