[rsbac] modules at boottime
Amon Ott
ao at rsbac.org
Tue Jun 3 15:33:31 MEST 2003
On Tuesday, 3. June 2003 12:34, Torsten Becker wrote:
> Amon Ott wrote:
> >>I use a Debian based distribution called Adamantix (former Trusteddebian).
> >>They offer three kernels: one without rsbac one rsbac -soft and one
> >>rsbac -sec. (2.4.20)
> >>They say that the kernels only differ in the rsbac settings. My NICs
> >>are automatically installed with the kernel without rsbac.
> >>So I thought to have problems with the rsbac settings/restrictions.
> >>
> >>
> >
> >Generally, if RSBAC denies anything, you will get a log message with the
> >reason for it.
> >
> >It is possible that you use the wrong initrd file. There are two different
> >ones for non-RSBAC and RSBAC kernels in adamantix, because RSBAC may change
> >module code and thus changes the kernel version string to use a different set
> >of modules. Please check your lilo.conf or grub setting for the initrd=
> >strings.
> >
> >Now, if you boot with the wrong initrd, the RSBAC kernel does not find the
> >module in /lib/modules/2.4.20-rsbac, because your initrd modules are in
> >/lib/modules/2.4.20.
> >
> >
> I checked the menu.lst of grub. It all seems to be all right. In the
> "automatic configuration" section I found two initrd settings.
> One for the -soft kernel and one for the -sec kernel, always right
> beneath the kernel settings. I found none for the kernel without rsbac.
> Now, if I boot with the wrong initrd setting, would modprobe install me
> the modules?
> If I have logged in to the system I can do modprobe and the modules are
> installed. If I try to do insmod, I get errors. I think these errors
> come from the general RC settings I read about!?
If it is RSBAC related, there must be some related output on screen (during
boot) or in syslog. If you find some, please send it to me.
> Perhaps I have to tell that I only configured /bin/login, portmapper
> and sshd with rsbac_menu. I did nothing else so far.
> Do I have to add some rules about modules or block-devices? I read
> something about a rule "add_to_kernel", do I have to add this somewhere
> to get the kernel to install the NICs?
ADD_TO_KERNEL gives you the right to load a module. This right is set for
root in all RSBAC decision modules by default.
> Can you tell me the difference between -soft and -sec kernels of adamantix?
With the softmode kernel, you can switch RSBAC into softmode, which logs
everything, but still allows access. To try it, just add the kernel parameter
rsbac_softmode, or as secoff, switch_module SOFTMODE 1. You will see the
difference in /proc/rsbac-info/stats. Softmode is great for testing, I use it
a lot myself.
The -sec kernel has softmode and module switching disabled, so all decision
modules are always on.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
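
The initrd check discussed in this message, as an added example that is not part of the original post: a script that walks a GRUB legacy menu.lst and flags stanzas whose initrd version differs from the kernel's, which is the 2.4.20 versus 2.4.20-rsbac mismatch described above. The boot file naming (vmlinuz-<version>, initrd.img-<version>) and the function name check_menu_lst are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes Debian-style boot file names
# vmlinuz-<version> and initrd.img-<version>, and that the initrd file name
# carries the version of the module tree packed inside it.

# check_menu_lst FILE: print one line per GRUB legacy stanza and return 1
# if any stanza pairs a kernel with an initrd built for another version.
check_menu_lst() {
    awk '
    # Return the version suffix of a boot file, or "" if the prefix is absent.
    function ver(path, prefix,   base) {
        base = path
        sub(/.*\//, "", base)                  # drop device and directory
        if (index(base, prefix) != 1) return ""
        return substr(base, length(prefix) + 1)
    }
    function report() {
        if (title == "" || kver == "") return  # nothing to judge
        if (iver == "") {
            printf "NOINITRD %s kernel=%s\n", title, kver
        } else if (iver != kver) {
            printf "MISMATCH %s kernel=%s initrd=%s\n", title, kver, iver
            bad = 1
        } else {
            printf "OK %s %s\n", title, kver
        }
    }
    /^[ \t]*#/ { next }                        # skip comments
    $1 == "title" {
        report()
        title = $0; sub(/^[ \t]*title[ \t]+/, "", title)
        kver = ""; iver = ""
        next
    }
    $1 == "kernel" { kver = ver($2, "vmlinuz-") }
    $1 == "initrd" { iver = ver($2, "initrd.img-") }
    END { report(); exit bad + 0 }
    ' "$1"
}

# Run against a file given on the command line, e.g. /boot/grub/menu.lst.
if [ -n "${1:-}" ] && [ -r "$1" ]; then
    check_menu_lst "$1"
fi
```

A MISMATCH line means the kernel will look for modules under a /lib/modules directory that the initrd does not contain.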