[rsbac] Transfer of RSBAC-settings from one machine to another
Amon Ott
ao at rsbac.org
Wed Feb 9 09:29:52 CET 2005
On Dienstag 08 Februar 2005 10:13, Patrique Wolfrum wrote:
> I am trying to set up a backup-server (for redundancy) for our
> (RSBAC-protected) main-server. The backup-server has the same
> HDD-partitioning than his big brother, but the HDD is smaller (the
> backup-server is a rather normal PC (unlike the main-server which is
a
> IBM xSeries server)). I want now to transfer the RSBAC-settings from
the
> main-system to the backup-system, and would try to do this via the
> backup-script of RSBAC. Would this be the correct way to do this, or
is
> there a better (perhaps safer) way to accomplish this ?
The backup_all script output run on the second system should produce
the exact same config, if that system has no default config (always
booted with rsbac_no_defaults and rsbac_no_syslog).
If it has, you might have an additional boot role 999999 or auditor
role, if one of them was missing in your original config. Ignore the
auditor role then and either disable the boot role (set boot_role
flag to 0) or copy settings from root role.
It is a good idea to make a copy of backup_all, remove all unnecessary
module specific backups in the copy and run the copy only - the full
blown backup_all takes a looong time on big systems.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
More information about the rsbac
mailing list