From: (A. Ott)
Subject: Re: praise and install issues of rsbac
Date: 30 Jan 2000 16:50:00 +0100
Next Article (by Date): Finally "Paul D. Robertson"
Previous Article (by Date): Re: praise and install issues of rsbac tech-guy
Top of Thread: praise and install issues of rsbac tech-guy
Articles sorted by: [Date]
********* ***************** ********** **** ***** ***** ************ To subject Re: praise and install issues of rsbac (tech-guy) wrote: ********** ******************** ****** ******** ******* ************* > - when you create the security officer, dataprotect officer and tp managers, > must you put them in /home/<username>? when I created these accounts, i've > created their accounts off of "/" It doesn't matter, where - these are just examples. If you are using the sample RC home protection script, those dirs won't be protected from root, though - the script assumes all home dirs to be below /home. > - is there a webpage where i can view past submittal and replies to the > rsbac list? Sorry, no. But you can use majordomo to get the current list archive sent by mail, see your rsbac list welcome message. The list is on an offline box with regular mail polling. > - should i create the 'everyone' group with gid0? i noticed that creating > another gid0 conflicted w/ the group named "root" which has gid0 already Don't mix up Linux and ACL groups, they are completely different things. The ACL group everyone (0) is always there and can not be changed. Just use rsbac_acl_group_menu to setup and view your ACL groups. All RSBAC models completely ignore Linux groups, user names, file and dir modes (Linux permissions). > - if i boot into a virgin kernel (w/o rsbac components), delete all security > accounts (secoff, dp officer, tp manager), delete all 'rsbac' folders, > create new uid400 and uid401, recompile the kernel w/ very minimal rsbac > components like ff,ms,auth,rc and acl- remake the admintools, then reboot- > will this mess things up? or will i need to be lockedup in a looneybin > first? all i want to do is start fresh again if possible.... You don't need to delete the user accounts. All RSBAC stuff is only saved in the /rsbac folders on each partition. If you delete those and make install in the tools dir, you have a fresh new system. Amon. -- Please remove second ao for E-Mail reply - no spam please! ## CrossPoint v3.11 ## - To unsubscribe from the rsbac list, send a mail to with unsubscribe rsbac as single line in the body.
Next Article (by Date): Finally "Paul D. Robertson"
Previous Article (by Date): Re: praise and install issues of rsbac tech-guy
Top of Thread: praise and install issues of rsbac tech-guy
Articles sorted by: [Date]