Trustees Linux for 2.6 kernel [LWN.net]

From:		Andrew Ruder <aeruder@ksu.edu>
To:		linux-security-module@wirex.com
Subject:		Trustees Linux for 2.6 kernel
Date:		Sun, 31 Oct 2004 23:46:01 -0600

Hello all,

Some of you may be (or probably not) familiar with the trustees acl project
( http://trustees.sourceforge.net ).  For those of you who are not,
trustees is a non-posix recursive acl system.  Seeing as I can probably not
explain it any better than Vyacheslav Zavadsky did on the website listed
above, I encourage you to look there for a more detailed description.

I have ported trustees to the 2.6 kernel using the lsm api.  I've been
using it on my own machine for the better part of the week, and it seems to
work fairly well.

Just wondering/hoping someone can take a look and offer any suggestions,
bugs, criticisms, etc.  I would really appreciate it as I am very new to
kernel programming in general (this is my first project).  I know some of
the code is still somewhat messy.

http://www.aeruder.net/files/miscprojects/0CSource/truste...

The tarball is checked out from my subversion repository, so you should be
able to do an svn update to pull down the latest version of the code.

Cheers,
Andrew Ruder

Instructions to use:
1) untar the downloaded file
2) cd trustees/module
     make install
3) cd ../src
     make
4) create a config file
I am currently using this config file
[/dev/hdb6]/var/www:www-data:RWEBX:andy:RWEBX
[/dev/hdb6]/usr/GNUstep:andy:RWEBX
[/dev/hdb6]/usr/local:andy:RWEBX
[/dev/hdb2]/andy/Project/Archives/svn:www-data:RWEBX:andy:RWEBX
[/dev/hdb1]/:www-data:RBE
5) depmod ; modprobe trustees
6) mount -t trusteesfs none /path/to/mount
7) /path/to/trustees/src/settrustees -f /path/to/config -t
/path/to/mount/trustees

If you change the config and want to reload the changes, just use the -d
flag on the settrustees line.