[rsbac] Re: Re: Uploaded patch-2.6.8-rsbac-v1.2.3
Amon Ott
ao at rsbac.org
Fri Aug 20 11:49:17 CEST 2004
On Freitag, 20. August 2004 11:39, Thomas Mueller wrote:
> Amon Ott wrote:
> >> With .7 I switched to software raid 1 but keept all rsbac.dat/
> >> directories.
> >>
> >> I've used the boot parameters 'rsbac_softmode rsbac_nosyslog'.
> >>
> >> Could the software raid be a problem?
> >
> > It can, but it should not be a problem. I have been using software
> > raid myself with 2.4 kernels and RSBAC without any problems. From
> > RSBAC perspective, this is just another filesystem mount.
>
> Sorry my question wasn't formulated well enough: could the problem
be
> raised by the fact that I copied the rsbac.dat/ directories from
p.e.
> /dev/hda1 to /dev/md0? Are any inode/device/... informations saved
in that
> directory?
> All inodes of the files I have rules for changed of course, that's
why I
> enabled softmode and nosyslog.
Ouch, these dirs must never be copied. There are inode numbers in many
files. Accidential clashes in the numbers can lead to weird results,
and the inode number checks in RSBAC checking become dangerous.
You should have made a backup with backup_all script and restored at
the new location. In any case, please remove the rsbac.dat dirs
before booting from the new device.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
-------------- nächster Teil --------------
Ein Dateianhang mit Bin?rdaten wurde geschreddert...
Dateiname : nicht verf?gbar
Dateityp : application/pgp-signature
Dateigr??e : 189 bytes
Beschreibung: signature
URL : http://www.rsbac.org/pipermail/rsbac/attachments/20040820/5f1e28c6/attachment.bin
More information about the rsbac
mailing list