;
; RSBAC JAIL definition for pdnsd
; 20081407,20110113
;
; Installed versions:  1.2.8(10:37:18 10.11.2010)(urandom -debug -ipv6 -isdn -test)
;
; test by: Jens Kasten (igraltist)
; run on: Gentoo (hardened)
;
; the daemon changes its user and group to pdnsd
;
 
""
"0.0.0.0"
(allow-external-ipc
 allow-dev-read
 allow-dev-write)
(net-raw
 sys-ptrace
 net-bind-service
 setgid
 setuid)
()
()

Deprecated:

;
; RSBAC JAIL definition for pdnsd
; 20081407
;
; Tested by:
; Jens Kasten (igraltist) on Gentoo
;
 
""
"0.0.0.0"
(allow-dev-read
 allow-dev-write
 allow-inet-raw
 allow-ipc-syslog
 allow-ipc-parent)
(setgid
 setuid
 net-bind-service
 net-raw
 sys-ptrace
 sys-resource)
(sysctl)
(rlimit
 priority)
This is what is executed now:
rsbac_jail  -d -D -r -y -P -C  SETGID SETUID NET_BIND_SERVICE NET_RAW SYS_PTRACE SYS_RESOURCE -G  sysctl -M  rlimit priority start-stop-daemon  --start --quiet --exec /usr/sbin/pdnsd -- -t -s -d -p /var/run/pdnsd.pid
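
To review what changed between the deprecated and the current definition, the two can be parsed and compared field by field. This is an added example, not part of the original page or of RSBAC; the field labels are assumptions (the -C/-G/-M suffixes are taken from the rsbac_jail command line above), and both definitions are re-typed inline as constructed input.

```python
import re

# Field order as it appears in both definitions on this page. The labels are
# assumptions: the _C/_G/_M suffixes follow the rsbac_jail options shown in
# the command line above, the first two names are only descriptive.
FIELDS = ("path", "ip", "flags", "caps_C", "list_G", "list_M")

CURRENT = '''
; constructed copy of the current definition
""
"0.0.0.0"
(allow-external-ipc allow-dev-read allow-dev-write)
(net-raw sys-ptrace net-bind-service setgid setuid)
()
()
'''

DEPRECATED = '''
; constructed copy of the deprecated definition
""
"0.0.0.0"
(allow-dev-read allow-dev-write allow-inet-raw allow-ipc-syslog allow-ipc-parent)
(setgid setuid net-bind-service net-raw sys-ptrace sys-resource)
(sysctl)
(rlimit priority)
'''

def parse_jail(text):
    """Return {field: str or frozenset} for one jail definition."""
    # Drop ';' comments, then collect quoted strings and (...) lists in order.
    body = "\n".join(line.split(";", 1)[0] for line in text.splitlines())
    tokens = re.findall(r'"[^"]*"|\([^()]*\)', body)
    if len(tokens) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, found {len(tokens)}")
    return {name: tok[1:-1] if tok[0] == '"' else frozenset(tok[1:-1].split())
            for name, tok in zip(FIELDS, tokens)}

def diff_jails(old, new):
    """Per list field: (items only in old, items only in new), both sorted."""
    return {f: (sorted(old[f] - new[f]), sorted(new[f] - old[f]))
            for f in FIELDS if isinstance(old[f], frozenset)}

if __name__ == "__main__":
    changes = diff_jails(parse_jail(DEPRECATED), parse_jail(CURRENT))
    for field, (dropped, added) in changes.items():
        print(f"{field}: dropped={dropped} added={added}")
```

Anything listed as added deserves the same scrutiny as the original grant; anything dropped is a privilege the daemon turned out not to need inside the jail.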
 

wiki/experiences/igraltist/jail_pdnsd.txt · Last modified: 2011/06/30 06:31 by igraltist