[rsbac] Transfer of RSBAC-settings from one machine to another

Amon Ott ao at rsbac.org
Wed Feb 9 09:29:52 CET 2005

On Dienstag 08 Februar 2005 10:13, Patrique Wolfrum wrote:
> I am trying to set up a backup-server (for redundancy) for our 
> (RSBAC-protected) main-server. The backup-server has the same 
> HDD-partitioning than his big brother, but the HDD is smaller (the 
> backup-server is a rather normal PC (unlike the main-server which is 
> IBM xSeries server)). I want now to transfer the RSBAC-settings from 
> main-system to the backup-system, and would try to do this via the 
> backup-script of RSBAC. Would this be the correct way to do this, or 
> there a better (perhaps safer) way to accomplish this ?

The backup_all script output run on the second system should produce 
the exact same config, if that system has no default config (always 
booted with rsbac_no_defaults and rsbac_no_syslog).

If it has, you might have an additional boot role 999999 or auditor 
role, if one of them was missing in your original config. Ignore the 
auditor role then and either disable the boot role (set boot_role 
flag to 0) or copy settings from root role.

It is a good idea to make a copy of backup_all, remove all unnecessary 
module specific backups in the copy and run the copy only - the full 
blown backup_all takes a looong time on big systems.

http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22

More information about the rsbac mailing list