Small changes on rsbac-admin to only install it on the system. Like this: http://kasten-edv.de/download/gentoo/sys-apps/rsbac-admin/
Two questions before I put this on the tree: 1) Can we get away without spawning a subshell in src_install() when we have use pam or use rklogd? In other works, do use pam && { insinto /etc doins "${FILESDIR}"/rsbac.conf } 2) Why did you remove pkg_postinst() with all the enew{group,user} secoff and audit stuff?
to 1.) yes i removed the use pam check to 2.) better do a hint while installing the rsbac-admin on the end that a security user have to added the uid for the security user is set by default to 400 but is free to choose in kernel configuration
(In reply to comment #2) > to 1.) > yes i removed the use pam check > > to 2.) > better do a hint while installing the rsbac-admin on the end that a security > user have to added > the uid for the security user is set by default to 400 but is free to choose > in kernel configuration Looks like we should have a pkg_postinst() message to alert the reasder about the security user. Can you suggest something (don't worry about your english :) Just tell me what we need to tell the user to do after the package is installed. Manually create a security user and make sure it is set to the same value as the kernel config?
Okay its in the tree, but I did clean up some of the code in both the ebuild and the initd script. Please look it over and test it, and if it works for you, then enjoy! else reopen this bug.
<igraltist> blueness: rsbac-admin works nice thx <blueness> igraltist, good, cloing the bug
