Previous Topic: Kernel Modules Load and Unload ProtectionNext Topic: Enable and Disable Kernel Module Protection


Protect a Kernel Module

You can protect the loading and unloading of kernel modules, and so help protect the operating system.

To protect a kernel module

  1. Ensure you have enabled kernel module protection.
  2. Create a KMODULE record in CA ControlMinder.

    To create a kernel module, you need to define:

    Note: On HP and Solaris systems, you can define the special kernel module _ALL_MODULES to protect the unloading of all kernel modules.

  3. Define the users or groups that are authorized to load and unload the module.

Example: Protect a Kernel Module Using selang Commands

The following selang commands define and authorize a kernel module serial.o to CA ControlMinder and authorizes the enterprise user kadmin to load and unload it:

newres kmodule serial.o owner(kadmin) defaccess(none) \
filepath(/lib/modules/2.2.19/serial.o:/lib/modules/2.2.20/serial.o)
authorize kmodule serial.o access(load, unload) xuid(kadmin)