README for lidsadm 0.9.4
More restriction on ADDing a rule.


README for lidsadm 0.9.2
Please read the manpage for lidsadm first. more are changed from the previous version.


README for lidsadm 0.9pre4

This program is a free software under GPL. Copyright by Xie Huagang.

lidsadm is a utility to administer the Linux Intrusion Detection System 
offered by the Linux kernel with lids patch.


To Make simply type
        make
in the source directory.
You can make with the "view" option to see exact LIDS state with
        make VIEW=1
You can now execute a lidsadm -V and know which capabilities/flags are on/off


Install to your liking.  
It must be 
        /sbin/lidsadm
This will be done automatically when calling
        make install
in the source directory.

After a successful make, type 
	lidsadm -h 
to view the help message.

--------------------
Important file to be protected and not protected.

/lib/modules must be protected.

NOTE: some file are change during the system booting up by INIT.

examples:

/lib/modules/2.2.13/modules.dep
/var/log/dmesg
/etc/mtab

For /etc/mtab, add the -n option to all the calls to mount in your 
rc.d scripts and make a link from /etc/mtab to /proc/mounts
For the others, their modification during boot is generally
superfluous. (you dont need to update modules.dep each time you boot
but each time you change your modules).


The following Files must be protected!!!
-----
/sbin
/etc/
/usr/sbin
/usr/bin
/bin/
/boot

You must exec only protected programs before sealing LIDS.
You can find some useful options when compiling the kernel in the LIDS
section to check this. See ../README and the LIDS how-to (available on 
http://www.lids.org)
