[rsbac] modules at boottime
Torsten Becker
t.becker at nc-world.de
Tue Jun 3 17:54:24 MEST 2003
Amon Ott wrote:
>On Tuesday, 3. June 2003 12:34, Torsten Becker wrote:
>
>
>>Amon Ott wrote:
>>
>>>>I use a Debian-based distribution called Adamantix (formerly Trusteddebian).
>>>>They offer three kernels: one without rsbac, one rsbac -soft and one
>>>>rsbac -sec. (2.4.20)
>>>>They say that the kernels only differ in the rsbac settings. My NICs
>>>>are automatically installed with the kernel without rsbac.
>>>>So I thought I had problems with the rsbac settings/restrictions.
>>>>
>>>Generally, if RSBAC denies anything, you will get a log message with the
>>>reason for it.
>>>
>>>It is possible that you use the wrong initrd file. There are two different
>>>ones for non-RSBAC and RSBAC kernels in adamantix, because RSBAC may change
>>>module code and thus changes the kernel version string to use a different set
>>>of modules. Please check your lilo.conf or grub setting for the initrd=
>>>strings.
>>>
>>>Now, if you boot with the wrong initrd, the RSBAC kernel does not find the
>>>module in /lib/modules/2.4.20-rsbac, because your initrd modules are in
>>>/lib/modules/2.4.20.
>>>
>>I checked the menu.lst of grub. It all seems to be all right. In the
>>"automatic configuration" section I found two initrd settings.
>>One for the -soft kernel and one for the -sec kernel, always right
>>beneath the kernel settings. I found none for the kernel without rsbac.
>>Now, if I boot with the wrong initrd setting, would modprobe install
>>the modules for me?
>>If I have logged in to the system, I can do modprobe and the modules are
>>installed. If I try to do insmod, I get errors. I think these errors
>>come from the general RC settings I read about!?
>>
>
>If it is RSBAC related, there must be some related output on screen (during
>boot) or in syslog. If you find some, please send it to me.
>
>
>
>>Perhaps I should mention that I only configured /bin/login, portmapper
>>and sshd with rsbac_menu. I did nothing else so far.
>>Do I have to add some rules about modules or block devices? I read
>>something about a rule "add_to_kernel"; do I have to add this somewhere
>>to get the kernel to install the NICs?
>>
>
>ADD_TO_KERNEL gives you the right to load a module. This right is set for
>root in all RSBAC decision modules by default.
>
>
>
>>Can you tell me the difference between -soft and -sec kernels of adamantix?
>>
>>
>
>With the softmode kernel, you can switch RSBAC into softmode, which logs
>everything, but still allows access. To try it, just add the kernel parameter
>rsbac_softmode, or as secoff, switch_module SOFTMODE 1. You will see the
>difference in /proc/rsbac-info/stats. Softmode is great for testing, I use it
>a lot myself.
>
>The -sec kernel has softmode and module switching disabled, so all decision
>modules are always on.
>
>
Thank you for your hints.
I tried booting with rsbac_softmode and got the same failure without any
error logs from rsbac.
So I checked the kernel without rsbac and found that this was the one
from the original Debian installation. Sorry! My mistake. After this I
checked the file "loadmodules" in the /initrd folder and found no entry
for modprobe -k 8139too.
Now I decided to compile my own kernel with fixed support for rtl8139. I
chose the sources from an Adamantix mirror, loaded the config of the
-soft kernel and changed the entries of rtl8139.
Hope that helps ;-)
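
The initrd check suggested in the quoted reply, as an added example that is not part of the original thread: it scans a GRUB legacy menu.lst and reports entries whose initrd version suffix differs from the kernel's, so the modules inside the initrd would not match /lib/modules/<version>. The file names (vmlinuz-<version>, initrd.img-<version>), the entry titles and the sample menu are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. File naming (vmlinuz-<ver>, initrd.img-<ver>) is assumed.

# Write a constructed sample menu.lst to the path given in $1.
write_sample_menu() {
    cat > "$1" <<'EOF'
title  Adamantix 2.4.20-rsbac soft
root   (hd0,0)
kernel /boot/vmlinuz-2.4.20-rsbac root=/dev/hda1 ro
initrd /boot/initrd.img-2.4.20

title  Adamantix 2.4.20
root   (hd0,0)
kernel /boot/vmlinuz-2.4.20 root=/dev/hda1 ro
initrd /boot/initrd.img-2.4.20
EOF
}

# Print one MISMATCH line per boot entry whose initrd version string
# differs from the version string of the kernel it is paired with.
check_initrd_pairs() {
    awk '
        # Strip directory and the leading "name-" part, leaving the version.
        function ver(path,   n, parts, base) {
            n = split(path, parts, "/")
            base = parts[n]
            sub(/^[^-]*-/, "", base)
            return base
        }
        $1 == "title"  { title = $0; sub(/^[ \t]*title[ \t]+/, "", title); kver = "" }
        $1 == "kernel" { kver = ver($2) }
        $1 == "initrd" {
            iver = ver($2)
            if (kver != "" && iver != kver)
                printf "MISMATCH: %s (kernel %s, initrd %s)\n", title, kver, iver
        }
    ' "$1"
}

# Demonstration on the constructed sample.
menu=$(mktemp)
write_sample_menu "$menu"
check_initrd_pairs "$menu"
rm -f "$menu"
```

Entries without an initrd line, like the non-RSBAC kernel described above, are not reported.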