Installation HOWTO (Dazuko 2.x)
There are 5 steps to compiling and installing Dazuko. However, you should have some experience with compiling your kernel. If you do not have this experience, it is suggested that you refer to the various available handbooks to learn about the kernel building process. Building your own kernel not only allows your system to run optimally, but also gives you a chance to work with and get a feel for the heart of your operating system.
Step 1: Get your kernel source code
Dazuko is a kernel module. Once a kernel module is loaded, it becomes one with your kernel. Therefore, Dazuko will call and share the same set of functions as the kernel. This is why the kernel source code is required in order to build Dazuko.
It is highly recommended that you first build and install a kernel. Then it is certain that the kernel source code you use to build Dazuko matches the running kernel. If you do not know how to do this, read the opening paragraph above.
Many distributions provide packages with the kernel source code. If you do not plan on building a new kernel, make sure you install the proper kernel source packages for your distribution.
Linux: See FAQ for information about configuring your Linux kernel source code.
Step 2: Compile Dazuko
Once the source code for your running kernel is available, you can build Dazuko. First a Makefile must be generated by running:
This will determine what kind of system you have and any special flags that need to be set. Then you can compile Dazuko with:
This will create the device driver as well as a couple example programs. Under Linux 2.2-2.4 the device driver is named dazuko.o. Under Linux 2.6 and FreeBSD it is named dazuko.ko.
You can perform a quick test to see if the device driver is compatible with your kernel using this command (as root):
# make test
This will try to insert and remove the kernel module.
If you get any warnings or errors from any of the steps above, something may not be correct. Please read over the FAQ (Dazuko 2.x) if you encounter problems.
Step 3: Insert Dazuko
Once you have successfully compiled Dazuko, the final step is to insert the module into the kernel. To do this, you must have root priveledges. This can be done with the command:
# /sbin/insmod dazuko.o
# /sbin/insmod dazuko.ko
# /sbin/kldload dazuko.ko
If you don't get any messages, this is a good sign. To check if the module has been loaded type:
$ cat /proc/modules
If you see "dazuko" listed then the Dazuko driver has been successfully loaded. Unless you are using devfs, the device node must now be created. With devfs, device nodes are created automatically.
Under Linux the device major number for Dazuko must be found. This is done with:
$ cat /proc/devices
You should see "dazuko" listed along with its device major number (usually 254). For example purposes, I will assume this number is 254. The commands to create the device node are:
# mknod -m 600 /dev/dazuko c 254 0 # chown root:root /dev/dazuko
Under FreeBSD 4
# mknod /dev/dazuko c 33 0
Step 4: Test Dazuko
So you've got Dazuko compiled and inserted into your kernel. Now what?
Once Dazuko is loaded, an application is able to handle file access control through the Dazuko device. To test Dazuko it is recommended that you try out the example program included (in the example_c subdirectory). You can build the example program with:
$ cd example_c $ make
For security reasons Dazuko will only operate with processes that are running as root. Therefore you need to be root when you run the example program. The example program takes a list of paths to "watch" as arguments.
# ./example /home /usr/home
Once the example program is running, open up another terminal or shell. Open up some file within the /home directory (or any subdirectory thereof). As the files are accessed, the example program should output various information.
The example program always permits the accesses, however another application could be written that denies file accesses in certain conditions. This allows a 3rd party to write complex file access control schemes (or customized file access logging utilities).
Step 5: Install Dazuko
After you have verified that Dazuko correctly works on your system, you will probably want to install it on the system (so that it is easily available). From the original Dazuko source code directory (not the example_c directory) you can run (as root):
# make install
This performs the necessary actions to install the Dazuko device driver to your system.