Tbac-reg is a project mainly written in C and PYTHON, based on the GPL-2.0 license.
Timed Based Access Control - RSBAC REG module
TBAC is a RSBAC REG policy about timed based access control. This project is in developpement.
Currently available:
Compilation require rsbac kernel header, so rsbac-admin tools must have been installed.
$ make $ make build $ sudo make install
Make sure environment contain:
Right now, tbac only support file's attributes on a single device, and you must set this parameter during module loading. You need minor and major number of selected device. [1]
You should read the SPECS file to understand how it works.
First load the tbac module: $ sudo modprobe tbac tbac_root_device_major=X tbac_root_device_minor=Y
Then You can check everything goes right by looking at /proc/rsbac-info/tbac
The best way to play with it is to use the rsbac_tbacmenu.py. However commandline tools are also provided: tbac[gs]etconf to set working hours // a oneshot holiday tbac[gs]et_attr_fd to set fd's attributes
TBAC being a REG module, it does not benefits from common RSBAC attributes workflow, meaning:
Supporting every mounted devices could be done without much that work.
This package contains:
main: |->/src: the reg module sources |->/headers: the tbac include files |->/libs: userland library and its python binding ->/tools: administration commands and a fancy Tk menu in python
[1] To get filesystem under device minor/major you can use 'stat':
$ stat --printf="%D " /home 805
/home device's major is 08, minor ir 05
[1] or you can look at the mounted devices in dev with 'ls':
$ ls -l /dev/sda8 brw-rw---- 1 root disk 8, 5 2009-10-15 18:35 /dev/sda5 ^ ^ ------ those number are major and minor