-
Notifications
You must be signed in to change notification settings - Fork 0
Timed Based Access Control - RSBAC REG module
License
TristanCacqueray/tbac-reg
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Welcome to the TBAC packages directory
--------------------------------------
TBAC is a RSBAC REG policy about timed based access control.
This project is in developpement.
Currently available:
* REG module active for one device
* Tkinter administration interface
Installation
------------
Compilation require rsbac kernel header, so rsbac-admin tools must
have been installed.
$ make
$ make build
$ sudo make install
Make sure environment contain:
* */usr/local/lib* is in LD_LIBRARY_PATH or in /etc/ld.so.conf / ldconfig
* */usr/local/lib/python2.6/site-packages* in PYTHONPATH
Usage
-----
Right now, tbac only support file's attributes on a single device,
and you must set this parameter during module loading.
You need minor and major number of selected device. [1]
You should read the SPECS file to understand how it works.
First load the tbac module:
$ sudo modprobe tbac tbac_root_device_major=X tbac_root_device_minor=Y
Then You can check everything goes right by looking at
/proc/rsbac-info/tbac
The best way to play with it is to use the rsbac_tbac_menu.py.
However commandline tools are also provided:
tbac_[gs]et_conf to set working hours // a oneshot holiday
tbac_[gs]et_attr_fd to set fd's attributes
Known CAVEATS
-------------
TBAC being a REG module, it does not benefits from common RSBAC attributes
workflow, meaning:
* no transactions
* no attributes inheritance (every files must be tagged)
Supporting every mounted devices could be done without much that work.
Directores layouts
------------------
This package contains:
main:
|->/src: the reg module sources
|->/headers: the tbac include files
|->/libs: userland library and its python binding
\->/tools: administration commands and a fancy Tk menu in python
[1] To get filesystem under device minor/major you can use 'stat':
$ stat --printf="%D\n" /home
805
/home device's major is 08, minor ir 05
[1] or you can look at the mounted devices in dev with 'ls':
$ ls -l /dev/sda8
brw-rw---- 1 root disk 8, 5 2009-10-15 18:35 /dev/sda5
^ ^
\---\--- those number are major and minor
About
Timed Based Access Control - RSBAC REG module
Resources
License
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published