RSBAC README for the kernel parameters.
---------------------------------------

The RSBAC system accepts the following parameters:
 - rsbac_debug_ds: Debug messages from the Data Structures component.
 - rsbac_debug_aef: Debug messages from the enforcement component (AEF).
 - rsbac_debug_no_adf: Set default log level value for all request
   types to 0: Do not log.
 - rsbac_debug_adf (default, so obsolete): Set default log level value for all
   request types to 1: Logging messages
   from the decision component (ADF) for all requests that were denied (highly
   recommended for testing, even in normal use). If provided, pseudonyms of
   users are used.
 - rsbac_debug_adf_all: Set default log level value for all request types to 2:
   Logging messages from the decision component (ADF) for all requests. If
   provided, pseudonyms of users are used. Gives a real lot of logging stuff
    - never try this, if checking of sys_syslog is turned on and log levels
   have not yet been saved to keep them permanent...
 - rsbac_debug_ds_pm: Debug messages from the Data Structures component,
   on access to privacy model data.
 - rsbac_debug_aef_pm: Debug messages for privacy model specific system
   calls.
 - rsbac_debug_adf_pm: Debug messages for access control in privacy module.
 - rsbac_debug_pm: Sets rsbac_debug_ds_pm, rsbac_debug_aef_pm,
   rsbac_debug_adf_pm (recommended for testing privacy model).
 - rsbac_debug_adf_ms: Debug messages for access control in Malware Scan.
 - rsbac_debug_ds_rc: Debug messages from the Data Structures component,
   on access to Role Compatibility model data.
 - rsbac_debug_aef_rc: Debug messages for Role Compatibility model specific
   system calls.
 - rsbac_debug_adf_rc: Debug messages for access control in RC module.
 - rsbac_debug_rc: Sets rsbac_debug_ds_rc, rsbac_debug_aef_rc,
   rsbac_debug_adf_rc.
 - rsbac_debug_ds_auth: Debug messages from the Data Structures component,
   on access to AUTH model data.
 - rsbac_debug_aef_auth: Debug messages for AUTH model specific system calls.
 - rsbac_debug_adf_auth: Debug messages for access control in AUTH module.
 - rsbac_debug_auth: Sets rsbac_debug_ds_auth, rsbac_debug_aef_auth,
   rsbac_debug_adf_auth.
 - rsbac_debug_ds_acl: Debug messages from the Data Structures component,
   on access to Access Control Lists (ACL) model data.
 - rsbac_debug_aef_acl: Debug messages for ACL model specific
   system calls.
 - rsbac_debug_adf_acl: Debug messages for access control in ACL module.
 - rsbac_debug_acl: Sets rsbac_debug_ds_acl, rsbac_debug_aef_acl,
   rsbac_debug_adf_acl.
 - rsbac_debug_all: Sets all debug options - in fact turns on a huge amount
   of logging. Beware of a fast growing system log. Hardly ever recommended.
 - rsbac_debug_no_write: Turn writing to disk off for this
   single boot time. For testing.
 - rsbac_debug_auto: Debug messages from auto-write / rsbacd. Recommended
   for a good disk saving overview.
 - rsbac_debug_write: Debug messages from all attribute writing related
   procedures.
 - rsbac_no_defaults: suppress creation of default settings, useful for
   restore from existing backup. Warning: An unconfigured system will only
   come up in softmode or maint mode, and softmode will produce loads of
   logging (see rsbac_nosyslog option...).
 - rsbac_auth_enable_login: Sets auth_may_setuid for /bin/login, if AUTH
   module is on. A good emergency helper, if you cannot login anymore.
 - rsbac_softmode (only, if enabled on kernel config): switch to softmode
 - rsbac_softmode_<mod> (module name in lowercase, e.g. rc, only if enabled):
   switch individual model softmode to on
 - rsbac_dac_disable (only, if enabled in kernel config): disable Linux DAC
 - rsbac_nosyslog: do not log to syslog for this boot time

08/Aug/2002
Amon Ott <ao@rsbac.org>
