Date: Thu, 5 May 2005 20:55:40 GMT From: Scott Long <scottl@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 76581 for review Message-ID: <200505052055.j45KteMS087977@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=76581 Change 76581 by scottl@scottl-x64 on 2005/05/05 20:54:52 Update the SEBSD install instructions to match the recent changes. Affected files ... .. //depot/projects/trustedbsd/sebsd/SEBSD-Installation.txt#2 edit Differences ... ==== //depot/projects/trustedbsd/sebsd/SEBSD-Installation.txt#2 (text+ko) ==== @@ -1,9 +1,9 @@ Instructions for installing Security-Enhanced BSD -SEBSD ships as a kernel loadable module that loads into a FreeBSD 5.1 +SEBSD ships as a kernel loadable module that loads into a FreeBSD 6.0 kernel supporting the TrustedBSD MAC framework (http://www.trustedbsd.org/). The SEBSD installation CD contains a -modified FreeBSD 5.1 distribution and a MAC kernel. The installation +modified FreeBSD 6.0 distribution and a MAC kernel. The installation process installs the FreeBSD operating system, including full source code and MAC-aware programs. @@ -16,7 +16,7 @@ the FreeBSD operating system or the installation process, refer to the FreeBSD handbook available at the project website: http://www.freebsd.org/. -1. Boot the FreeBSD 5.1-SEBSD installation CD; this CD will install +1. Boot the FreeBSD 6.0-SEBSD installation CD; this CD will install the complete operating system, including kernels, user applications, and complete source code. A series of menus will prompt the user how to proceed. @@ -72,7 +72,7 @@ 4. Inspect the SEBSD policy. The system comes pre-installed with a sample policy, but local changes might be required. The policy source is located in /etc/security/sebsd/policy and the compiled - (binary) version is installed in /etc/security/sebsd/policy.16 by + (binary) version is installed in /etc/security/sebsd/policy.bin by default. Only the binary version is loaded by the SEBSD module at boot time. An alternate location for the binary policy file may be specified at the boot loader or in /boot/loader.conf. @@ -89,7 +89,11 @@ loaded into the kernel. The /sbin/sebsd_loadpolicy program can be used instead of a reboot: - /sbin/sebsd_loadpolicy /etc/security/sebsd/policy.16 + /sbin/sebsd_loadpolicy /etc/security/sebsd/policy.bin + + Note that policy.bin is installed by default as a symlink to another + file. If you plan to generate your own policy file then you might + need to adjust this. 5. Label the file system. By default, extended attribute support was enabled during the install, but the individual files were not
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200505052055.j45KteMS087977>