[rsbac] How Do I Manage RSBAC?

Murf murf at post.cz
Fri Aug 26 15:31:40 CEST 2005 

Asaf Gery wrote:
> Hello,
> I am using Gentoo. I installed Gentoo's rsbac-kernel (
> rsbac-sources-2.4.29-r2) and patched it a little bit since I could not 
> compile it with LVM2 support enabled (some files/functions were missing).
> I included in my kernel most of RSBAC modules (attached is my .config file) 
> as well as softmode support. In order to enable more security I completely 
> disabled kernel modules support. I read all of the available documentation I 
> found about RSBAC in English (sorry, my German is very bad...) and I still 
> have no clue how to set my RSBAC policy and configuration.
> Could someone please point me to a step by step tutorial followed by 
> examples and simple explanations? I am willing to learn this subject deeply, 
> unfortunately I am having problems to understand the current documentation - 
> it has very few examples and the explanations are very high-level. I am also 
> having problems finding my way through the ui (ncurses) based utilities. I 
> want to start running the kernel in RSBAC enabled mode. Currently I am 
> running it with softmode enabled which is just missing the whole point... 
> How do I start? How can I understand the way to work and configure all the 
> modules? I need simple explanations with detailed examples, so that I can 
> play with them. I am also willing to contribute and write down my own 
> comments as soon as I will be able to understand how to do these things... 
> Especially I am having problems understanding RC module and the network 
> templates. As a first step, I would like to be able to run all the demons on 
> my system with RSBAC enabled. I have no clue how to act upon the RSBAC 
> warnings in the kernel log file.
> Your help is highly appreciated,
> TIA,
>  Asaf Gery
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> rsbac mailing list
> rsbac at rsbac.org
> http://www.rsbac.org/mailman/listinfo/rsbac

Hello,

You are a bit lost in RSBAC, huh? ;)

You have to make clear what is security models about.
Like RC is the most important security model in RSBAC.

I think that you can find description on the webpages rsbac.org.
Unfortunatelly you cannot miss the whole concept.
By missing it, you cannot understand what are you configuring.

You can find real example at
http://www.trusteddebian.org/Members/tsauter/rsbac-apache-rc.txt/view

But everything depends on you configuring system, what you would
like configure, what daemons are you using etc.

Its not work for a week or month to fully understand what
is going on.

Rgds,

Murf

More information about the rsbac mailing list