- rsbac - rsbac.org

RSBAC for kernel 6.12
by Amon Ott 29 Jan '25

29 Jan '25

Hi there, RSBAC has been ported successfully to the new LTS kernel 6.12. In my tests, 6.12 works fine. Please give it a try and report. Patches are at https://download.rsbac.org/latestdiff/6.12/ Amon. -- https://www.rsbac.org GnuPG: E25D2F7B0C561382570DB487DC2A69DA870FE7FF 2018-03-20

2 3

New request types GET_XATTR and MODIFY_XATTR on FD targets
by Amon Ott 29 Oct '24

29 Oct '24

Hi there, the system call families getxattr() and setxattr() used to be intercepted with requests GET_PERMISSIONS_DATA and MODIFY_PERMISSIONS_DATA. Since extended attributes do much more than Linux access control with ACLs, we needed a way to distinguish these types of access. I decided to introduce the new request types GET_XATTR and MODIFY_XATTR for them, valid for all FD targets. The changes are in the kernel Git repos for 6.6, 6.1, 5.15 and 5.10 as well as in the rsbac-admin repo for administration. Older kernels remain unchanged. Amon. -- https://www.rsbac.org GnuPG: E25D2F7B0C561382570DB487DC2A69DA870FE7FF 2018-03-20

1 0

RSBAC for kernel 6.6
by Amon Ott 26 Jun '24

26 Jun '24

Hi, RSBAC has been ported successfully to LTS kernel 6.6. Internal kernel changes to the Linux caps structure required new on-disk versions of all RSBAC lists holding cap vectors. I took the chance to default CONFIG_RSBAC_MOVETO to yes with 6.6 and auto-adjust RC and ACL FD lists with new versions, too. Existing WRITE right to FD targets gets amended with MOVETO during list upgrade to avoid unexpected behaviour. The automatic list version upgrades mean that going back to previous kernels might show invalid lists, you need to boot with rsbac_list_recover kernel parameter and set cap related and RC and ACL FD values again. In my tests, 6.6 seems to be running pretty well, please give it a try and report. Amon. -- https://www.rsbac.org GnuPG: E25D2F7B0C561382570DB487DC2A69DA870FE7FF 2018-03-20

1 1

RSBAC very stable with kernel 6.1
by Amon Ott 05 Oct '23

05 Oct '23

Hi folks, just a quick note that kernel 6.1 has been running very well with RSBAC for months now, I recommend switching to 6.1. As usual, you get all the code at https://download.rsbac.org/latestdiff/ or through Git at git.rsbac.org/, e.g. git.rsbac.org/linux-6.1.y Amon. -- https://www.rsbac.org GnuPG: E25D2F7B0C561382570DB487DC2A69DA870FE7FF 2018-03-20

1 0

[Plug] Adamantix and RSBAC workshops
by oscar pjt 26 Jul '23

26 Jul '23

Hello good evening <peter(a)adamantix.org> I just want to ask? can i get the source code of the project you created called adamantix linux or adamantix operating system and sorry if my english is not good, because i can't speak english

2 1

RSBAC 1.5.6 for kernel 6.1
by Amon Ott 17 Feb '23

17 Feb '23

Hi folks, just a quick notice that RSBAC has been ported to kernel 6.1 at 5.15 state. Seems to be running fine on my test system, but please test yourself and report here or to the bug tracker. You get all the code at https://download.rsbac.org/latestdiff/ or through Git at git.rsbac.org/, e.g. git://git.rsbac.org/linux-6.1.y RSBAC has been running very well with kernel series 5.10 for a long time, so please consider 5.10 to be the best choice for now. Amon. -- https://www.rsbac.org GnuPG: E25D2F7B0C561382570DB487DC2A69DA870FE7FF 2018-03-20

2 2

2025

2024

2023

rsbac