[rsbac] Upgrading from 1.2.2 to 1.2.3

Patrique Wolfrum Patrique.Wolfrum at vwl.uni-freiburg.de
Wed Aug 11 17:26:49 CEST 2004


Hello,

>If no role is marked as boot role, the system boots with root's role 
>as before. The new type (default no. 999999) for kernel threads might 
>need some right adjustments, but the system should work fine.
>
>The rsbac_jail command syntax has changed, and the jail has become 
>tighter. So in some jail cases, you will have to grant more 
>privileges with extra switches.
>
>Generally, I recommend to enable softmode in RSBAC kernel config and 
>boot with softmode on the first boot. If you want to be sure that you 
>can easily return to the previous kernel, use rsbac_debug_no_write 
>kernel parameter for the first boot.
>
>When the system runs fine with the new version, you can rebuild the 
>kernel without softmode.
>
>I am sorry that I cannot give you more precise help - I updated some 
>systems a few weeks ago, but did not take notes on what did not work.  
>As far as I remember, there were no real problems. The only thing 
>that has been reported as being nasty is related to initrd, where the 
>linuxrc always runs with role 0 instead of root's or the boot role.
>  
>

I tried it this way (fortunately we don't use initrd since our kernel is 
monolithic and doesn't need any modules), everything went fine until the 
init-process was completed and the login-prompt was supposed to show up. 
It didn't show up (so no login was possible) and shortly after that, the 
system hanged completely.

I used the following kernel options:
rsbac_softmode
rsbac_debug_no_write

For the compilation of the kernel I used the old settings (copy the 
.config of the old kernel to the new and 'make oldconfig').
The basis of our system is Suse Linux 8.2.

Switched back to the old kernel (rsbac 1.2.2) and everything works again.

Do you have an idea what could cause this strange behaviour of  the 
1.2.3 version ?

Thank you very much in advance.

With best regards.
    Patrique Wolfrum

-- 
Patrique Wolfrum 
Administrator - Fakultätsserver

Albert-Ludwigs-Universität Freiburg im Breisgau
Institut für allgemeine Wirtschaftsforschung
Abteilung für Wirtschaftsinformatik
Kollegiengebäude II
Platz der Alten Synagoge
79085 Freiburg



More information about the rsbac mailing list