[rsbac] modules at boottime
Torsten Becker
t.becker at nc-world.de
Tue Jun 3 13:34:55 MEST 2003
Amon Ott schrieb:
>On Tuesday, 3. June 2003 11:15, Torsten Becker wrote:
>
>
>>Arkady A Drovosekov schrieb:
>>
>>
>>>On Tue, Jun 03, 2003 at 12:55:55AM +0200, Torsten Becker wrote:
>>>
>>>
>>>>I have a adamantix kernel with rsbac installed and get a lot of errors
>>>>with the string rsbac_mount() while booting the kernel.
>>>>
>>>>
>>>>
>>>>
>>>what kind of errors?
>>>
>>>
>>>
>>May 31 18:46:53 nc-adamantix kernel: rsbac_mount(): RSBAC not
>>initialized while mounting DEV 01:00, delaying
>>May 31 18:46:53 nc-adamantix kernel: rsbac_mount(): RSBAC not
>>initialized while mounting DEV 00:02, delaying
>>May 31 18:46:53 nc-adamantix kernel: rsbac_mount(): RSBAC not
>>initialized while mounting DEV 00:02, delaying
>>May 31 18:46:53 nc-adamantix kernel: rsbac_mount(): RSBAC not
>>initialized while mounting DEV 00:08, delaying
>>May 31 18:46:53 nc-adamantix kernel: rsbac_mount(): RSBAC initialization
>>still delayed while mounting real DEV 03:09, forcing rsbac_init()
>>May 31 18:46:53 nc-adamantix kernel: do_umount() [sys_umount()]: umount
>>failed -> calling rsbac_mount for Device 01:00
>>
>>
>
>These are fine, they come from the delayed init in the adamantix kernel
>config. Access control will start after forcing the init on the first real
>device mount (03:09), all previously mounted devices will be rsbac_mounted on
>the first access to them.
>
>
>
>>>>My real problem is that the network cards (RLT8139c) will not be
>>>>installed at boottime. After system is booted I can log on as root and
>>>>insmod the modul 8139too.
>>>>
>>>>
>>>>
>>>>
>>>what in your /etc/modules?
>>>
>>>and what distribution do you use?
>>>
>>>
>>>
>>>
>>I use a Debian based distribution called Adamantix (former Trusteddebian).
>>They offer three kernels: one without rsbac one rsbac -soft and one
>>rsbac -sec. (2.4.20)
>>They say that the kernels only differ in the rsbac settings. My nic's
>>are automaticaly installed with the kernel without rsbac.
>>So I thought to have problems with the rsbac settings/restrictions.
>>
>>
>
>Generally, if RSBAC denies anything, you will get a log message with the
>reason for it.
>
>It is possible that you use the wrong initrd file. There are two different
>ones for non-RSBAC and RSBAC kernels in adamantix, because RSBAC may change
>module code and thus changes the kernel version string to use a different set
>of modules. Please check your lilo.conf or grub setting for the initrd=
>strings.
>
>Now, if you boot with the wrong initrd, the RSBAC kernel does not find the
>module in /lib/modules/2.4.20-rsbac, because your initrd modules are in
>/lib/modules/2.4.20.
>
>
I checked the menu.lst of grub. It seems all to be allright. In the
"automatic configuration" section I found two initrd settings.
One for the -soft kernel and one for the -sec kernel always right
beneath the kernel settings. I found none for the kernel without rsbac.
Now, if I boot with the wrong initrd setting , would modprobe install me
the modules?
If I have logged in the system I can do modprobe and the modules are
installed. If I try to do insmod , I get errors. I think these errors
come from the generall RC settings I read about!?
Perhaps I have to tell, that I only configured /bin/login , portmapper
and sshd with rsbac_menu. I did nothing else so far.
Do I have to add some rules about modules or block-devices ?? I read
something about a rule "add_to_kernel" , do I have to add this somewhere
to get the kernel install the nic's??
Can you tell me the difference between -soft and -sec kernels of adamantix?
Torsten.
More information about the rsbac
mailing list