Re: RSBAC working with SGI XFS 1.0


From: K Mitchell Russell <kmrussel@hsc.vcu.edu>
Subject: Re: RSBAC working with SGI XFS 1.0
Date: Sun, 6 May 2001 11:46:48 -0400 (EDT)

Next Article (by Author): Re: RSBAC working with SGI XFS 1.0 K Mitchell Russell
Previous Article (by Author): RSBAC working with SGI XFS 1.0 K Mitchell Russell
Top of Thread: RSBAC working with SGI XFS 1.0 K Mitchell Russell
Next in Thread: Re: RSBAC working with SGI XFS 1.0 K Mitchell Russell
Articles sorted by: [Date] [Author] [Subject]


On Sun, 6 May 2001, Keith Matthews wrote:

> On Sat, 5 May 2001 20:31:04 -0400 (EDT) K Mitchell Russell <K Mitchell Russell <kmrussel@hsc.vcu.edu>> wrote:
> 
> 
> > 
> > Anyone else working with XFS and RSBAC?  If so please comment, as I
> > would like to see XFS added to the 'Compatability' list of RSBAC soon.
> > 
> 
> Haven't tried XFs yet (XFS boot filesystem + GRUB are at the top of my
> 'todo' list') but have tried ext3. 
> 
> Same sort of messages as you got. Some strange things happening, but I
> have no evidence (yet) they are due to ext3. Similar sort of problem with the
> patches. 
> 
> How did you apply RSBAC rules to the XFS filesystem code (fs/ext2/namei.c)
> ? With ext3 its fairly easy as the module is almost a straight clone of ext2. 

Good question: I didn't.  All the fs/* patches applied fine, and the
fs/*/namei.c appears to only be concerned with rsbac_sec_del() for each
filesystem (ext2, minix, msdoc, vfat..) - or am I totally off base?  I
have NOT EVEN attempted the secure delete with XFS... don't know where
the code is (XFS is a LARGE patch, main patch is 146,000 lines, 2.4.3
core patch is 6,000).  Also appears that ReiserFS namei.c is not patched
by v1.1.1. Interesting to know if anyone has patched this by hand?  It
would be nice to get secure delete to work with XFS, but this may
require a big effort, or help from the SGI engineers... I can throw it
up on the XFS list and see what they say perhaps.

> 
> init/main.c needed more complex hand patching due to the kdb code being in
> the ext3 patch. Will be removed once ext3 goes final I expect.

Although the stock XFS kernel tree contains the kdb patch, I did not
patch mine with kdb yet.

K. Mitchell Russell, M.D.
kmrussel@hsc.vcu.edu

-
To unsubscribe from the rsbac list, send a mail to
majordomo@rsbac.org with
unsubscribe rsbac
as single line in the body.

Next Article (by Author): Re: RSBAC working with SGI XFS 1.0 K Mitchell Russell
Previous Article (by Author): RSBAC working with SGI XFS 1.0 K Mitchell Russell
Top of Thread: RSBAC working with SGI XFS 1.0 K Mitchell Russell
Next in Thread: Re: RSBAC working with SGI XFS 1.0 K Mitchell Russell
Articles sorted by: [Date] [Author] [Subject]


Go to Compuniverse LWGate Home Page.