Rule Set Based Access Control (RSBAC) for Linux - Transition from rsbac-sources to hardened-sources
All hardened patches are currently present in the hardened-sources kernel. SELinux as well as GrSecurity MAC solutions are also present. The current RSBAC kernel is simply a copy of this hardened-sources kernel, with RSBAC patches added and GrSecurity patches disabled. When users are looking for the kernel to install, they install this very one. Most often, they assume the RSBAC kernel is simply not present because not inside of the "hardened kernel". Finally, why having two versions of the almost same kernel when it can just be one ? The transition is very simple. In short, you just have to emerge the hardened-sources kernel instead of the usual rsbac-sources one. Make sure to also add the rsbac local use flag so that the RSBAC patches get applied.
The contents of this document, unless otherwise expressly stated, are licensed under the CC-BY-SA-2.5 license. The Gentoo Name and Logo Usage Guidelines apply. |
|