Translation: [ES]
   Center for Information Technology Integration   
Systrace - Interactive Policy Generation for System Calls
  
 

Systrace for Linux

by Marius Aamodt Eriksen (marius@umich.edu)

I am posting a development snapshot of systrace kernel portion for Linux;

  • Kernel patch version 1.3 (2003-06-04), version 1.2 (2003-03-22), version 1.1 (2003-01-18), version 1.0 (2002-12-07) against linux kernel version 2.4.20:
  • Kernel patch version 1.1 (2003-02-03) against linux kernel version 2.5.52 and version 1.1 against linux kernel version 2.5.59; thanks to Andreas Krennmair (ak at synflood dot at).
    • If you do not run with devfs, you need to create the device with: mknod /dev/systrace c 10 226.
    • If the userland compile fails because linux/systrace.h can not be found, you did not apply the patch correctly. Copy linux/systrace.h from the kernel patch to /usr/include/linux/systrace.h.
  • There are some code cleanup issues that have taken place since this patch was created. A new patch containing these will appear soon.
  • Systrace is supported in the following Linux distributions:

This is the kernel portion of systrace. Do not forget to enable Systrace via make menuconfig. You also need to install the gtk frontend and systrace userland, too. See the main page.


Back to the main page.

 

 

Questions and Comments:
Marius Aamodt Eriksen
Niels Provos
Last modified: Fri Mar 28 23:23:01 EST 2003