Before RSBAC can be used to manage security the existing security infrastructure needs to be imported. This can be accomplished with the following commands:
Adding old group root with gid 0
Adding group root member root
Adding old group bin with gid 1
Adding group bin member rootlisa ~ # rsbac_useradd -v -O
Account root seems to be disabled, disabling password
Adding old user root
Account bin seems to be disabled, disabling password
Adding old user bin
Account daemon seems to be disabled, disabling password
Adding old user daemon
...
As you may have noticed during the above procedure the password has been disabled for all accounts. This is because we have selected SHA1 password hashing and the PAM system uses MD5. Before anyone can login to the system their password will need to be reset.
As you have probably noticed from the above commands RSBAC provides new applications for managing users, groups and passwords. To ensure that these commands are used to manage security settings from now on it is a good idea to mask the existing tools using symbolic links in a path directory with higher priority. This way calls to these tools will be "intercepted" and passed to the RSBAC tools instead.