path: root/xml/rsbac/transition.xml

<?xml version='1.0' encoding="UTF-8"?> <!DOCTYPE guide SYSTEM
"/dtd/guide.dtd">

<guide link="transition.xml">

<title>Rule Set Based Access Control (RSBAC) for Linux -
Transition from rsbac-sources to hardened-sources </title>

<author title="Author">
  <mail link="kang@gentoo.org">Guillaume Destuynder</mail>
</author>
<abstract> This document will help you transioning from
rsbac-sources to hardened-sources </abstract>

<!-- The content of this document is licensed under the CC-BY-SA license
--> <!-- See http://creativecommons.org/licenses/by-sa/1.0 --> <license/>

<version>1.0</version> <date>15 February 2006</date>

<chapter>
<title>RSBAC</title>
<section> <title>Why ?</title>
<body>

<note> Currently only the 2.4 kernels are affected </note>

<p> All hardened patches are currently present in the hardened-sources
	kernel. SELinux as well as GrSecurity MAC solutions are also present.
	The current RSBAC kernel is simply a copy of this hardened-sources
	kernel, with RSBAC patches added and GrSecurity patches disabled. </p>

<p> When users are looking for the kernel to install, they install 
	this very one. Most often, they assume the RSBAC kernel is simply not
	present because not inside of the "hardened kernel". </p>

<p> Finally, why having two versions of the almost same kernel when
	it can just be one ? </p>

</body>
</section>
<section> <title>How ?</title>
<body>

<p> The transition is very simple. In short, you just have to emerge
	the hardened-sources kernel instead of the usual rsbac-sources one.
	Make sure to also add the rsbac local use flag so that the RSBAC
	patches get applied. </p>

<impo> Make sure you are using the 2.4 kernel. 2.6 kernels have not yet been 
	transitionned </impo>

<pre caption="Adding the rsbac local use flag">
	# <i>echo "sys-kernel/hardened-sources rsbac" >> /etc/portage/packages.use</i>
	# <i>emerge hardened-sources</i>
</pre>


</body> </section> </chapter>

</guide>