From: tech-guy <tech-guy@excite.com>
Subject: praise and install issues of rsbac
Date: Wed, 19 Jan 2000 18:20:29 -0800 (PST)
Next Article (by Author): Re: praise and install issues of rsbac tech-guy
Previous Article (by Author): Re: IPC bugs / FIFOs staringer
Next in Thread: Re: praise and install issues of rsbac ao@morpork.shnet.org (A. Ott)
Articles sorted by: [Date]
[Author]
[Subject]
hi all, i really like this b1 security package for linux and i have nothing but praise for it. it was scary installing it and had much mistakes especially by not installing the admin tools prior to a reboot! good thing i had a virgin kernel bootdisk laying around... i've joined the rsbac list but i could wait sending an email for help! lessee here is the install history: - patched the virgin 2.2.12-4 kernel w/ the 1.09path, selected everything except for the role switching on all models - did this all as root and before the reboot was getting massive segfault 11's and core dumps- whew! - after rebooting with the sparebootdisk, read more of the docs and installed the admintools. created the security officer role(uid400) and the dp role (uid401) but i didn't know what the tp role was for and wh at uid it belonged to. - before the next reboot, i created a maintenance kernel and fixed lilo.conf for multiple image selection - rebooted - after the reboot, ran the sample rc and acl scripts from /usr/src/(rs_admin_install_dir)/examples - rebooted - getting bunches of cannot read ACL on 03:08 which i found out thru /proc/rsbac_info was the device for hda! - trying to run the script menu's in a plain login prompt or even in xwindowns in xterm as root but ended w/ a plain prompt again, no segfaults, no access violations, ran strace on each rsbac_menu_xxx and it had very small traces of process violations i think- my resolution is at 1600x1200. lot's of shell real estate. read through the docs again and noticed that it was suggested to reexport COLUMNS and ROWS from /etc/profile but thats for bash and my primary login shells are tcsh for root, security officer and data protection officer. - reboots are a little cleaner now but still getting the ACL could not be read on /dev/hda<root> - i'm using the maintenance boot kernel a little too much though and it is becoming a crutch help! any tips! please! (ps- sorry about the email plug) _______________________________________________________ Get 100% FREE Internet Access powered by Excite Visit http://freeworld.excite.com - To unsubscribe from the rsbac list, send a mail to majordomo@morpork.shnet.org with unsubscribe rsbac as single line in the body.
Next Article (by Author): Re: praise and install issues of rsbac tech-guy
Previous Article (by Author): Re: IPC bugs / FIFOs staringer
Next in Thread: Re: praise and install issues of rsbac ao@morpork.shnet.org (A. Ott)
Articles sorted by: [Date]
[Author]
[Subject]