Rule Set Based Access Control (RSBAC) for Linux -
Transition from rsbac-sources to hardened-sources
Note: Currently only the 2.4 kernels are affected
All hardened patches are currently present in the hardened-sources
kernel. SELinux as well as GrSecurity MAC solutions are also present.
The current RSBAC kernel is simply a copy of this hardened-sources
kernel, with RSBAC patches added and GrSecurity patches disabled.
When users are looking for the kernel to install, they install
this very one. Most often, they assume the RSBAC kernel is simply not
present because not inside of the "hardened kernel".
Finally, why having two versions of the almost same kernel when
it can just be one ?
The transition is very simple. In short, you just have to emerge
the hardened-sources kernel instead of the usual rsbac-sources one.
Make sure to also add the rsbac local use flag so that the RSBAC
patches get applied.
Important: Make sure you are using the 2.4 kernel. 2.6 kernels have not yet been
Code Listing 1.1: Adding the rsbac local use flag
# echo "sys-kernel/hardened-sources rsbac" >> /etc/portage/packages.use
# emerge hardened-sources
The contents of this document, unless otherwise expressly stated, are licensed under the CC-BY-SA-2.5 license. The Gentoo Name and Logo Usage Guidelines apply.