[rsbac] How Do I Manage RSBAC?

Asaf Gery asaf.gery at gmail.com
Sun Aug 21 08:53:46 CEST 2005


Hello,
I am using Gentoo. I installed Gentoo's rsbac-kernel (
rsbac-sources-2.4.29-r2) and patched it a little bit since I could not 
compile it with LVM2 support enabled (some files/functions were missing).
I included in my kernel most of RSBAC modules (attached is my .config file) 
as well as softmode support. In order to enable more security I completely 
disabled kernel modules support. I read all of the available documentation I 
found about RSBAC in English (sorry, my German is very bad...) and I still 
have no clue how to set my RSBAC policy and configuration.
Could someone please point me to a step by step tutorial followed by 
examples and simple explanations? I am willing to learn this subject deeply, 
unfortunately I am having problems to understand the current documentation - 
it has very few examples and the explanations are very high-level. I am also 
having problems finding my way through the ui (ncurses) based utilities. I 
want to start running the kernel in RSBAC enabled mode. Currently I am 
running it with softmode enabled which is just missing the whole point... 
How do I start? How can I understand the way to work and configure all the 
modules? I need simple explanations with detailed examples, so that I can 
play with them. I am also willing to contribute and write down my own 
comments as soon as I will be able to understand how to do these things... 
Especially I am having problems understanding RC module and the network 
templates. As a first step, I would like to be able to run all the demons on 
my system with RSBAC enabled. I have no clue how to act upon the RSBAC 
warnings in the kernel log file.
Your help is highly appreciated,
TIA,
 Asaf Gery
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cfg_and_patch.tar.bz2
Type: application/x-bzip2
Size: 13032 bytes
Desc: not available
Url : http://rsbac.dyndns.org/pipermail/rsbac/attachments/20050821/6a656689/cfg_and_patch.tar.bin


More information about the rsbac mailing list