[rsbac] modules at boottime

Amon Ott ao at rsbac.org
Tue Jun 3 12:49:28 MEST 2003 

On Tuesday, 3. June 2003 11:15, Torsten Becker wrote:
> Arkady A Drovosekov schrieb:
> >On Tue, Jun 03, 2003 at 12:55:55AM +0200, Torsten Becker wrote:
> >>I have a adamantix kernel with rsbac installed and get a lot of errors 
> >>with the string rsbac_mount() while booting the kernel.
> >>    
> >>
> >what kind of errors?
> >
> May 31 18:46:53 nc-adamantix kernel: rsbac_mount(): RSBAC not 
> initialized while mounting DEV 01:00, delaying
> May 31 18:46:53 nc-adamantix kernel: rsbac_mount(): RSBAC not 
> initialized while mounting DEV 00:02, delaying
> May 31 18:46:53 nc-adamantix kernel: rsbac_mount(): RSBAC not 
> initialized while mounting DEV 00:02, delaying
> May 31 18:46:53 nc-adamantix kernel: rsbac_mount(): RSBAC not 
> initialized while mounting DEV 00:08, delaying
> May 31 18:46:53 nc-adamantix kernel: rsbac_mount(): RSBAC initialization 
> still delayed while mounting real DEV 03:09, forcing rsbac_init()
> May 31 18:46:53 nc-adamantix kernel: do_umount() [sys_umount()]: umount 
> failed -> calling rsbac_mount for Device 01:00

These are fine, they come from the delayed init in the adamantix kernel 
config. Access control will start after forcing the init on the first real 
device mount (03:09), all previously mounted devices will be rsbac_mounted on 
the first access to them.

> >>My real problem is that the network cards (RLT8139c) will not be 
> >>installed at boottime. After system is booted I can log on as root and 
> >>insmod the modul 8139too.
> >>    
> >>
> >what in your /etc/modules?
> >
> >and what distribution do you use?
> >  
> >
> I use a Debian based distribution called Adamantix (former Trusteddebian).
> They offer three kernels: one without rsbac one rsbac -soft and one 
> rsbac -sec. (2.4.20)
> They say that the kernels only differ in the rsbac settings. My nic's 
> are automaticaly installed with the kernel without rsbac.
> So I thought to have problems with the rsbac settings/restrictions.

Generally, if RSBAC denies anything, you will get a log message with the 
reason for it.

It is possible that you use the wrong initrd file. There are two different 
ones for non-RSBAC and RSBAC kernels in adamantix, because RSBAC may change 
module code and thus changes the kernel version string to use a different set 
of modules. Please check your lilo.conf or grub setting for the initrd= 
strings.

Now, if you boot with the wrong initrd, the RSBAC kernel does not find the 
module in /lib/modules/2.4.20-rsbac, because your initrd modules are in 
/lib/modules/2.4.20.

Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22

More information about the rsbac mailing list