[rsbac] rsbac-v1.2.1-pre2 uploaded

Amon Ott rsbac@rsbac.org
Wed Jun 26 14:56:01 2002


Here we are with the second pre version of 1.2.1. This one contains:

- The new JAIL module for easy service encapsulation. Look at FreeBSD Jails 
and you got the idea, but this one is a bit more flexible. See kernel config 
help for more details.

- Made kernel config submenues for RSBAC. Please tell me, if you think this 
is too complicated.

- Menu action logging. Set RSBACLOGFILE to your log file, e.g. in 
rsbac_settings_menu, and you get a command line tool script to replay all 
your menu actions.
My to-do list:


- Support for all archs
- Fix stat for huge files problem in admin tools, e.g. move checks to kernel
- Attribute set log in menues
- New JAIL module for easy service encapsulation

To do for 1.2.1:

- RC ttl setting in menues (already displayed, but setting is a bit tricky)
- AUTH daemon for authentication enforcement
- Support more network address families with addresses etc.
- Support more network address families with NETDEV and SCD/network/firewall
- Port the last lists (AUTH, log_levels etc.) to generic lists
- PM overhaul and menues
- (maybe) Install trace mode with automatic attribute restore (for software
- Script log->auth cap setting
- Learning modes etc. for automatic setup script generation
- ACL support in Samba
- Versions in backup (-V n, n = (major<<16)+(mid<<8)+subver), automatic
  translation to new settings on restore
- (maybe) Attribute set undo log in menues
- (maybe) Attribute get log in menues
- (maybe) RC subroles: Each role has a new set of parent roles, the
compatibilities of which are inherited and added to the ones set for the
subrole. Can be used for role hierarchies, but might make setups too