[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Dazuko-devel] 2.2.2-pre1 + 2.3.0 posted

From: John Ogness
Subject: [Dazuko-devel] 2.2.2-pre1 + 2.3.0 posted
Date: Fri, 30 Jun 2006 18:29:34 +0200
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20060503 Debian/1.7.8-1sarge6


Today I have posted 2 new versions of Dazuko.

This is a continuation of the stable 2.2.x branch. It fixes compile errors
on FreeBSD and some problems with identifying the Linux kernel version. Both
of these fixes are actually pretty important (for getting Dazuko compiled
and installed), so I plan to release 2.2.2 very soon.

This is an official release that adds an option to support system call table
hooking for Linux 2.6. By default, Dazuko will still use LSM by default on
Linux 2.6. But you may configure it to use syscalls with something like:

$ ./configure --enable-syscalls --mapfile=/boot/System.map-`uname -r`

Of course, it is very important that you specify the correct mapfile. If
Dazuko is configured to use syscalls, it will not use LSM at all. This
avoids all the AppArmor and Capability problems that continually reoccur.

I decided to allow syscall hooking for Linux 2.6 because the LSM API
continually becomes more difficult to access (because other modules such as
AppArmor or Capabilities won't share). LSM is also possibly scheduled for
removal from the Linux kernel because it has caused way more problems then
it has solved (and SElinux actually provides all you need, anyway).

The future of Dazuko is DazukoFS, which will be available for Dazuko 3.0.
However, it is still in early internal testing stages and is not ready for
production use. Allowing syscall hooking gives the Dazuko project more time
to implement and test DazukoFS without worrying that LSM is disappearing.

If you go to the Dazuko downloads page, you will notice that 2.3.0 is not
listed as the latest stable release. Although the Linux 2.6 syscall hooking
has been extensively tested over the past few weeks, it caused signifcant
code changes in the Linux 2.4 code (shared code). Until we have performed
more tests to make sure Linux 2.4 support isn't "damaged", I want 2.3.0 to
sit in the development section.

Many thanks to Sami Tikka and Kevin Kofler. Without you guys I would not
have had time to get Linux 2.6 syscall hooking integrated.

John Ogness

Dazuko Maintainer

reply via email to

[Prev in Thread] Current Thread [Next in Thread]