[rsbac] modules at boottime

Torsten Becker t.becker at nc-world.de
Tue Jun 3 17:54:24 MEST 2003


Amon Ott wrote:

>On Tuesday, 3. June 2003 12:34, Torsten Becker wrote:
>
>>Amon Ott wrote:
>>
>>>>I use a Debian based distribution called Adamantix (formerly Trusteddebian).
>>>>They offer three kernels: one without rsbac, one rsbac -soft and one 
>>>>rsbac -sec. (2.4.20)
>>>>They say that the kernels only differ in the rsbac settings. My NICs 
>>>>are automatically installed with the kernel without rsbac.
>>>>So I thought I had problems with the rsbac settings/restrictions.
>>>>
>>>Generally, if RSBAC denies anything, you will get a log message with the 
>>>reason for it.
>>>
>>>It is possible that you use the wrong initrd file. There are two different 
>>>ones for non-RSBAC and RSBAC kernels in adamantix, because RSBAC may change 
>>>module code and thus changes the kernel version string to use a different set 
>>>of modules. Please check your lilo.conf or grub setting for the initrd= 
>>>strings.
>>>
>>>Now, if you boot with the wrong initrd, the RSBAC kernel does not find the 
>>>module in /lib/modules/2.4.20-rsbac, because your initrd modules are in 
>>>/lib/modules/2.4.20.
>>>
>>I checked the menu.lst of grub. It all seems to be all right. In the 
>>"automatic configuration" section I found two initrd settings.
>>One for the -soft kernel and one for the -sec kernel, always right 
>>beneath the kernel settings. I found none for the kernel without rsbac.
>>Now, if I boot with the wrong initrd setting, would modprobe install 
>>the modules for me?
>>If I have logged in to the system I can do modprobe and the modules are 
>>installed. If I try to do insmod, I get errors. I think these errors 
>>come from the general RC settings I read about!?
>>
>
>If it is RSBAC related, there must be some related output on screen (during 
>boot) or in syslog. If you find some, please send it to me.
>
>>Perhaps I should mention that I only configured /bin/login, portmapper 
>>and sshd with rsbac_menu. I did nothing else so far.
>>Do I have to add some rules about modules or block devices? I read 
>>something about a rule "add_to_kernel"; do I have to add this somewhere 
>>to get the kernel to install the NICs?
>>
>
>ADD_TO_KERNEL gives you the right to load a module. This right is set for 
>root in all RSBAC decision modules by default.
>
>>Can you tell me the difference between -soft and -sec kernels of adamantix?
>>
>
>With the softmode kernel, you can switch RSBAC into softmode, which logs 
>everything, but still allows access. To try it, just add the kernel parameter 
>rsbac_softmode, or as secoff, switch_module SOFTMODE 1. You will see the 
>difference in /proc/rsbac-info/stats. Softmode is great for testing, I use it 
>a lot myself.
>
>The -sec kernel has softmode and module switching disabled, so all decision 
>modules are always on.
>  
>
Thank you for your hints.
I tried booting with rsbac_softmode and got the same failure without any 
error logs from rsbac.
So I checked the kernel without rsbac and found that this was the one 
from the original Debian installation. Sorry! My mistake. After this I 
checked the file "loadmodules" in the /initrd folder and found no entry 
for modprobe -k 8139too.
Now I have decided to compile my own kernel with fixed support for rtl8139. I 
chose the sources from an Adamantix mirror, loaded the config of the 
-soft kernel and changed the entries for rtl8139.
Hope that helps ;-)
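
Added example, not part of the original thread or of Adamantix/RSBAC: a small checker for the initrd mismatch described in the quoted reply, which pairs each kernel line in a GRUB legacy menu.lst with its initrd line and compares their release strings. It assumes Debian-style file names (vmlinuz-<release>, initrd.img-<release>); the sample menu.lst is constructed.

```python
import re

# Constructed sample in GRUB legacy menu.lst syntax (titles and paths are illustrative).
SAMPLE_MENU_LST = """\
title  Debian, kernel 2.4.20
kernel /boot/vmlinuz-2.4.20 root=/dev/hda1 ro

title  RSBAC soft, stale initrd
kernel /boot/vmlinuz-2.4.20-rsbac root=/dev/hda1 ro rsbac_softmode
initrd /boot/initrd.img-2.4.20

title  RSBAC soft
kernel /boot/vmlinuz-2.4.20-rsbac root=/dev/hda1 ro
initrd /boot/initrd.img-2.4.20-rsbac
"""

def parse_entries(text):
    """Return one dict per 'title' stanza with its kernel and initrd paths."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key, value = parts[0], (parts[1] if len(parts) == 2 else "")
        if key == "title":
            entries.append({"title": value, "kernel": None, "initrd": None})
        elif key in ("kernel", "initrd") and entries and value:
            entries[-1][key] = value.split()[0]  # path only, drop boot parameters
    return entries

def release(path, prefix):
    """Release string from a file name (assumed naming: <prefix><release>)."""
    name = path.rsplit("/", 1)[-1]
    return name[len(prefix):] if name.startswith(prefix) else None

def check_menu(text):
    """List (title, problem) for entries whose initrd cannot match the kernel."""
    findings = []
    for e in parse_entries(text):
        if e["kernel"] is None:
            continue
        if e["initrd"] is None:
            findings.append((e["title"], "no initrd line: drivers must be built in"))
            continue
        kver = release(e["kernel"], "vmlinuz-")
        iver = release(e["initrd"], "initrd.img-")
        if kver != iver:  # modules would be looked up under /lib/modules/<kver>
            findings.append((e["title"], f"kernel is {kver} but initrd is {iver}"))
    return findings
```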


