Hi,
for all the docs I've read about grsec I'm still wonding how to get RBAC working. Specifically, one can activate grsec RBAC manually with gradm. But how to do it automatically at system boot time?
Moreover, how can I assign a role to a daemon (such that it enters it automatically)?
Thanks for advice.
Howto...
2 posts
• Page 1 of 1
Howto...
by countermode » Mon Sep 16, 2013 7:28 pm
- countermode
- Posts: 27
- Joined: Mon Sep 16, 2013 6:59 pm
Re: Howto...
by ldunston » Thu Oct 10, 2013 8:03 pm
See this link for startup/shutdown ideas:
viewtopic.php?f=5&t=2248
There is a nice shutdown role that is available.
To start it automatically add /sbin/gradm -E to rc.local (location will vary pending your *nix flavor).
Create subjects for daemons/processes that you want protected in the grsec policy. Use full learning mode to get a good baseline for a policy. There are docs for doing this.
viewtopic.php?f=5&t=2248
There is a nice shutdown role that is available.
To start it automatically add /sbin/gradm -E to rc.local (location will vary pending your *nix flavor).
Create subjects for daemons/processes that you want protected in the grsec policy. Use full learning mode to get a good baseline for a policy. There are docs for doing this.
- ldunston
- Posts: 10
- Joined: Mon Dec 03, 2012 2:28 pm
2 posts
• Page 1 of 1