Runlevel for RBAC system start


Post by Red » Mon Sep 08, 2014 6:30 pm

Hello,

in which runlevel should one place the script that enables the RBAC system on Gentoo, with maximum security in mind? And, should it run before or after the other scripts in that runlevel? I'd be grateful if you can give an explanation as well, to understand the reason behind it.
Red
 
Posts: 1
Joined: Mon Sep 08, 2014 2:51 pm

Re: Runlevel for RBAC system start

Post by spender » Mon Sep 08, 2014 6:54 pm

If you start it too early, you end up requiring policy for many more privileged accesses than are needed by various services at runtime. I instead recommend making sure the system is fully firewalled off until RBAC has started. You should also ensure that cron/atd and the like start after RBAC has started.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm
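
The ordering described in the reply above, written out as an OpenRC service script. This is an added example, not part of the original thread and not a script shipped by grsecurity or Gentoo. The service name `grsec-rbac`, the dependency names (`iptables`, `ip6tables`, `cron`, `atd`, `sshd`) and the `gradm` path are assumptions to adapt to the local system.

```shell
# Hypothetical /etc/init.d/grsec-rbac (added example, names are assumptions).
# On Gentoo the file would begin with the line: #!/sbin/openrc-run

description="Enable the grsecurity RBAC system"
GRADM="${GRADM:-/sbin/gradm}"            # gradm binary; path is an assumption
POLICY="${POLICY:-/etc/grsec/policy}"    # gradm's default policy location

depend() {
    # The firewall ruleset must already be loaded, so the host stays closed
    # off during the window in which RBAC is not yet enforcing.
    need iptables
    use ip6tables
    # Start late: early-boot privileged setup is finished, so the policy
    # only has to cover what services do at runtime.
    after localmount bootmisc logger
    # Job schedulers and network-facing daemons start only once RBAC is on.
    before cron atd sshd
}

start() {
    # Fail the service (and anything that needs it) if there is no policy.
    if [ ! -s "${POLICY}" ]; then
        eerror "No RBAC policy at ${POLICY}"
        return 1
    fi
    ebegin "Enabling grsecurity RBAC"
    "${GRADM}" -E
    eend $? "gradm -E failed; RBAC is NOT enforcing"
}

stop() {
    # Disabling RBAC needs admin authentication (gradm -D), so it is
    # deliberately not attempted from an unattended init script.
    ewarn "RBAC left enabled; disable interactively with gradm -D"
    return 0
}
```

The script would be added to the default runlevel with `rc-update add grsec-rbac default`; services that must never run without RBAC can additionally declare `need grsec-rbac` so a failed start blocks them.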

