Gentoo Logo

Rule Set Based Access Control (RSBAC) for Linux - Transition from rsbac-sources to hardened-sources


Why ?

Note: Currently only the 2.4 kernels are affected

All hardened patches are currently present in the hardened-sources kernel. SELinux as well as GrSecurity MAC solutions are also present. The current RSBAC kernel is simply a copy of this hardened-sources kernel, with RSBAC patches added and GrSecurity patches disabled.

When users are looking for the kernel to install, they install this very one. Most often, they assume the RSBAC kernel is simply not present because not inside of the "hardened kernel".

Finally, why having two versions of the almost same kernel when it can just be one ?

How ?

The transition is very simple. In short, you just have to emerge the hardened-sources kernel instead of the usual rsbac-sources one. Make sure to also add the rsbac local use flag so that the RSBAC patches get applied.

Important: Make sure you are using the 2.4 kernel. 2.6 kernels have not yet been transitionned

Code Listing 1.1: Adding the rsbac local use flag

	# echo "sys-kernel/hardened-sources rsbac" >> /etc/portage/packages.use
	# emerge hardened-sources


Page updated February 15, 2006

Summary: This document will help you transioning from rsbac-sources to hardened-sources

Guillaume Destuynder

Donate to support our development efforts.

Copyright 2001-2015 Gentoo Foundation, Inc. Questions, Comments? Contact us.