[rsbac] web page

[Bencsath Boldizsar]

> > -Where to download
>
> The link is in the header of each page.

yes, it is, but then e.g. "Kernel patches" is a link to the page with the
kernel patches. This link seems like normal headers on other pages, an
arrow or something would be neccessary. On the other hand, There are lots
of text on this page, and although this software is not for beginners, i
think a "Speed link" "Download (some icon) this AND (some icon) this AND
(some icon) this and you are o.k. to build the kernel " with large, red or
yellow icons would help to find it easier. It takes minutes even to me to
find the latest admin tools package among the lines for example...



> > -How to install for beginners
>
> The Installation and Administration Instructions are linked from the
> download pages and the documentation page. I agree that they need
> some rework, but they include a step-by-step quick install at the
> top.

Almost invisible from the download page. A nice, colorful icon would be
great. The instructions are great, but it also can be more simple. Do not
put all the links inside the document, but in a separate part, and
therefore the text will be shorter and easier to read. I think the
installation docs could be separated as "MUST BE" "BEGINNERS' SETTINGS"
and "EXPERTS / REFERENCE". The must be should show how to set security
officer and login/ssh setuid rights. This could be written in a half page
document, which could attract potentian users.

> > -How to upgrade from the latest version
>
> This is a bit more problematic, because it can vary from a simple
> reboot to some significant changes in the setup. It was my opinion
> that for simple setups the changes, if any, are almost trivial, and
> for complex ones there should be sufficient knowledge available to
> find the necessary changes quickly.

Sure. The most important part of the upgrade is how to upgrade a remote
system without killing it. So, e.g. from 1.2.2 ->1.2.3 if i do not set
get_system_data and modify_system_data for those new places (DEV,
PROCESS), then my system won't be reachable from ssh, therefore it is
critical to check. This was the same problem for 1.2.1->1.2.2 but with
get_system_data at different places and setuid rights for your own id
(passwd, etc.). I personally do not expect "much" documentation, but a
_clear_ link for "Upgrade information" with 2 times (1.2.1->1.2.2) 5
bullets (check this and this and this at least, because they've been
changed) would be great.


>
> The only special is the changed syntax for rsbac_jail.
>

This is also important, but mostly more harmless than general boot-up or
remote-administration problems (if you don't use jail for secoff etc.).

>
> Fully agreed. All we need are people doing this work. I am not a good
> handbook author myself, but would certainly share my knowledge, proof
> read and provide the Web space.
>
> The development and maintenance of the code are already very time
> consuming, so this must be a task for others.

Agreed, we can just say a thank you for the great job, and wish even more
success.

boldi