https://www.rsbac.org/ 2026-04-28T07:15:18+00:00 https://www.rsbac.org/ https://www.rsbac.org/lib/tpl/rsbac/images/favicon.ico text/html 2010-07-08T21:15:40+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.rsbac.org/wiki/experiences/tweety?rev=1278623740&do=diff General impression of RSBAC * Pros * Very powerful enhancement of LINUX kernel * Nice design, which allows bunch off cool features like transaction, secure_delete, fd hiding... * Cool community, still small but efficient and reactive * text/html 2006-05-17T15:53:15+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.rsbac.org/documentation/rsbac_handbook/configuration_basics/administration_examples/syslog-ng?rev=1147881195&do=diff Setting Up syslog-ng Logging You can use syslog-ng to log RSBAC log messages, which is much more convenient. Disable logging to system log with the “rsbac_nosyslog” kernel flag, or echo “debug nosyslog 1” > /proc/rsbac-info/debug at runtime. You need the kernel option text/html 2006-05-02T13:40:25+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.rsbac.org/documentation/administration_examples/syslog-ng?rev=1146577225&do=diff You can use syslog-ng to log RSBAC log messages. Setting up syslog-ng Disable logging to system log with the “rsbac_nosyslog” kernel flag, or echo “debug nosyslog 1” > /proc/rsbac-info/debug at runtime. You need the kernel option “CONFIG_RSBAC_RMSG_NOSYSLOG text/html 2009-01-12T11:18:41+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.rsbac.org/documentation/rsbac_handbook/maintenance/upgrade_and_migration?rev=1231759121&do=diff About RSBAC upgrades This document covers the upgrade steps to be followed after each major RSBAC release. If you missed some major upgrade and directly upgrade to the last RSBAC release, you can scroll down and find the changes that will affect you during your upgrade process. text/html 2006-05-02T13:40:25+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.rsbac.org/download/bugfixes?rev=1146577225&do=diff Bugfixes This page lists fixes for relevant bugs in all released RSBAC versions from 1.1.0 onwards. If you want to report new bugs or problems, please write to the list and do not forget to mention your kernel and RSBAC version. Reported oopses and crashes can only be investigated with known function addresses. If these are not shown in the log, we will need your System.map to find them. text/html 2009-01-13T12:32:42+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.rsbac.org/documentation/rsbac_handbook/configuration_basics/setting_up_modules/cap?rev=1231849962&do=diff Setting up CAP Before starting with Linux Capabilities (CAP) module administration, your should read the CAP description. CAP administration only change min_caps and max_caps attributes of users and files. This can either be done with rsbac_user_menu and rsbac_fd_menu or with the command line tools attr_get_user, attr_set_user, attr_get_file_dir and attr_set_file_dir. text/html 2011-08-11T10:21:14+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.rsbac.org/todo?rev=1313058074&do=diff RSBAC Progression and Roadmap This page reflects our current work queue - if you miss anything here, it will probably not happen. Please discuss any wishes on the RSBAC mailing list at <rsbac@rsbac.org> or open a bug. The RSBAC development team. Planned for the next release 1.5 * text/html 2006-05-02T13:40:25+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.rsbac.org/documentation/acronyms?rev=1146577225&do=diff Acronyms There are many, many different acronyms in projects such as RSBAC. This page lists the most important ones, directly or not directly related to RSBAC Note that you often have acronyms underlined in the website. By moving your mouse cursor over them, you can get a direct description. text/html 2009-01-12T11:38:27+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.rsbac.org/documentation/rsbac_handbook/installation/first_boot?rev=1231760307&do=diff Preparing your boot loader You will need a few special options for you first RSBAC boot. If you need, we have a complete (and extensive) list of kernel parameters. When you boot, the default RSBAC policy will disallow any setuid call. It means you will not be able to log in! To alleviate this, you can tell RSBAC at boot time that we allow text/html 2009-01-13T09:53:03+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.rsbac.org/documentation/rsbac_handbook/security_models/acl?rev=1231840383&do=diff Access Control Lists (ACL) Access Control Lists specify, which subject (user, RC role or ACL group) may access which object (of an object type) with which requests (usual RSBAC requests and ACL specials). If there is no ACL entry for a subject at an object, the rights of the parent object are inherited. Inheritance can be restricted by inheritance masks. text/html 2008-02-28T11:41:34+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.rsbac.org/documentation/rsbac_handbook/security_models/vum?rev=1204198894&do=diff Virtual User Management Design Starting from version 1.4, RSBAC contains Virtual User Management (VUM), which is an extension to the existing User Management (UM). Every user id now consists of a 32 Bit virtual set (vset) number and the old fashioned 32 Bit uid. The normal set of users is vset 0. It also exists, if VUM has been turned off in kernel configuration. All other vset numbers can be used as desired, there is no list of known sets. text/html 2017-03-26T09:27:53+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.rsbac.org/wiki/experiences/tazok/daz?rev=1490520473&do=diff Yet Another Way To Configure DAZ One morning, after drinking my first cup of coffee at this day I decided to try DAZ. In handbook appeared that was required to run as root, but with the strength given by my breakfast I decided, not I will not. Here you have the result: text/html 2009-04-02T12:47:26+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.rsbac.org/documentation/rsbac_handbook/configuration_basics/setting_up_modules/daz?rev=1238676446&do=diff Setting up DAZ Dazuko is an interface for Antivirus scanners. In this document we will use the ClamAV scanner to connect with the Dazuko interface provided by the RSBAC DAZ module. Preparing your system First of all, make sure the DAZ module is selected, compiled and active in your RSBAC kernel.