Installing the Packages

Obtaining an RSBAC patched kernel

On most Linux distributions obtaining RSBAC patched kernel sources requires quite some work. One has to download the latest stable kernel sources, download the RSBAC patch set for that kernel version, and apply the patch set to the kernel sources.

Thanks to the hard work of the Gentoo Linux◳Hardened Project◳ this is unnecessary. Simply issue the following command and it will all be done for you.

lisa ~ # emerge rsbac-sources

Installing administration tools

Once the kernel sources have been installed we can install the RSBAC administration tools. Before we do however it is a good idea to make sure that the pam use-flag is set.

lisa ~ # emerge -pv rsbac-admin

These are the packages that would be merged, in order:

Calculating dependencies... done!

[ebuild N ] sys-apps/rsbac-admin-1.2.5 USE="pam"

Once you are confident that the correct use-flags are set for rsbac-admin, and any dependencies it may require, you can proceed with the install.

lisa ~ # emerge rsbac-admin

Setting passwords

Now is a good time to set passwords for the Security Officer and Auditor accounts which have been added by the rsbac-admin ebuild.

lisa ~ # passwd secoff
lisa ~ # passwd audit

These passwords should be strong. Try to include both upper and lower case letters, numbers and punctuation. This will eliminate most dictionary based attacks and make brute-force attacks far harder.