https://wiki.atomicorp.com/wiki/index.php?title=Installing_custom_kernel_modules_with_ASL&feed=atom&action=history
Installing custom kernel modules with ASL - Revision history
2024-03-28T12:44:38Z
Revision history for this page on the wiki
MediaWiki 1.20.2

https://wiki.atomicorp.com/wiki/index.php?title=Installing_custom_kernel_modules_with_ASL&diff=2512&oldid=prev
Mshinn: /* Example script */
2012-06-28T03:55:36Z
<p><span dir="auto"><span class="autocomment">Example script</span></span></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;'>
<td colspan='2' style="background-color: white; color:black;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black;">Revision as of 03:55, 28 June 2012</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 58:</td>
<td colspan="2" class="diff-lineno">Line 58:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>== Example script ==</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>== Example script ==</div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;">This is an example Linux bash script, which init uses to configure the system on boot.  All shell scripts (bash is a shell script) require a token to start the script to tell the system that this is a both a script, and what interpreter to use to execute the script.  The first line in the script is the token.  The following lines contains commands that the interpreter, in this case "/bin/bash" will understand.  Think of this as a list of commands you can run in the Linux shell.</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div><pre></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div><pre></div></td></tr>
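Review bot: In the added paragraph, "(bash is a shell script)" has it backwards: bash is the shell, that is, the interpreter, and the file is a script written for it. The same sentence has a stray article in "this is a both a script", and "token" would be easier to look up if the text also gave its usual name, the shebang line ("#!/bin/bash"). Suggest something like "All shell scripts start with a line that names the interpreter that will run them."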
<tr><td colspan="2" class="diff-lineno">Line 63:</td>
<td colspan="2" class="diff-lineno">Line 65:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>modprobe xt_dscp  </div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>modprobe xt_dscp  </div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div></pre></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div></pre></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;">Linux uses a special userspace tool called "modprobe" to insert kernel modules.  You simply need to provide the name of the module to load it.  You do not need to include the .ko in the module name, just the name of the module.  For example, to load the xt_dscp.ko module you just need to use the name "xt_dscp" as in the example above.</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;">Save this script on the system using a text edit.  </ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;">Note:  Microsoft based text editors will not save files in a format that works on UNIX based systems.  They place ^Ms at the end of every line, if you create a script in a Microsoft based editor you will need to fix the format of the file.  Fortunately on UNIX based systems, like Linux, there is a command to do this.  Just use the command "dos2unix <filename>" to fix the file, where <filename> is the literal filename to be fixed.  For example:</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;">dos2unix S97_custom_modules</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;">This will fix the file.</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>For a script to run it also needs to have permission to execute, so when you save the file to your /etc/rcN.d directory, make sure its executable.  A simple way to do that is to run this command as root:</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>For a script to run it also needs to have permission to execute, so when you save the file to your /etc/rcN.d directory, make sure its executable.  A simple way to do that is to run this command as root:</div></td></tr>
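Review bot: The dos2unix example uses "S97_custom_modules", while the "Load the custom module" section of this page tells the reader to create "S98_custom_modules"; pick one name so the reader converts the same file they created. Also in this hunk, "using a text edit" should read "text editor", and "dos2unix S97_custom_modules" is a command line but is not in a pre block the way the script above it is, so it renders as body text.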
</table>
Mshinn

https://wiki.atomicorp.com/wiki/index.php?title=Installing_custom_kernel_modules_with_ASL&diff=2511&oldid=prev
Mshinn at 20:32, 27 June 2012
2012-06-27T20:32:32Z
<p></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;'>
<td colspan='2' style="background-color: white; color:black;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black;">Revision as of 20:32, 27 June 2012</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 1:</td>
<td colspan="2" class="diff-lineno">Line 1:</td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;">= Introduction =</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>[[ASL]] protects Linux systems in many ways.  One of the ways it protects Linux systems from kernel level rootkits is to lock the kernel from any additional changes.  Unlike a normal Linux kernel, which can be modified on the fly and can have its code changed anytime - by a malicious person for example - an ASL kernel protects itself by preventing these changes.  ASL does this at the end of the init process, or the boot up process in Linux.</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>[[ASL]] protects Linux systems in many ways.  One of the ways it protects Linux systems from kernel level rootkits is to lock the kernel from any additional changes.  Unlike a normal Linux kernel, which can be modified on the fly and can have its code changed anytime - by a malicious person for example - an ASL kernel protects itself by preventing these changes.  ASL does this at the end of the init process, or the boot up process in Linux.</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>Specifically, ASL locks the kernel right at the end of the process or at position S99.  ASL will load whatever modules the system is configured to load during boot and once that is complete it will prevent any future changes to the kernel.   </div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>Specifically, ASL locks the kernel right at the end of the process or at position S99.  ASL will load whatever modules the system is configured to load during boot and once that is complete it will prevent any future changes to the kernel.   </div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>This is the default behavior for ASL, to lock the kernel.  So, if you stuck to the defaults, or you set ASL to lock the kernel  (which you are highly encouraged to do) you will see an error if you try to load a kernel module once the system finishes booting up.  To load custom modules you need to configure the system to do this during boot up, and the best place to do that is before init reaches position S99.  The rest of this article explains init, what it does, what those positions are and how we recommend you load custom modules.  This will vary from system to system as you may need to load those modules earlier in the init process.. Therefore check with your OS or third party product vendor to find out where in the boot process to load those modules.</div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>This is the default behavior for ASL, to lock the kernel.  So, if you stuck to the defaults <ins class="diffchange diffchange-inline">(which we recommend, allowing the kernel change on the fly is very insecure and is not necessary)</ins>, or <ins class="diffchange diffchange-inline">if </ins>you set ASL to lock the kernel  (which you are highly encouraged to do) you will see an error if you try to load a kernel module once the system finishes booting up.   </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>To load custom modules you need to configure the system to do this during boot up, and the best place to do that is before init reaches position S99.  The rest of this article explains init, what it does, what those positions are and how we recommend you load custom modules.  This will vary from system to system as you may need to load those modules earlier in the init process.. Therefore check with your OS or third party product vendor to find out where in the boot process to load those modules.</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>Your other option is to configure ASL to behave like a normal Linux kernel, this is to allow the kernel to modified at any time, by malicious and non-malicious users.  You can do that by logging into the ASL GUI, click on ASL Configuration, scroll down to kernel and set modules to load.  You will then need to reboot your system.  We do not recommend you set this and ASL will alert you to this vulnerable condition your system is now in.</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>Your other option is to configure ASL to behave like a normal Linux kernel, this is to allow the kernel to modified at any time, by malicious and non-malicious users.  You can do that by logging into the ASL GUI, click on ASL Configuration, scroll down to kernel and set modules to load.  You will then need to reboot your system.  We do not recommend you set this and ASL will alert you to this vulnerable condition your system is now in.</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div><del class="diffchange diffchange-inline">=</del>= init primer <del class="diffchange diffchange-inline">=</del>=</div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>= init primer =</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>init is the master program, if you will, for all UNIX systems (init is not part of ASL, please contact your OS vendor for support with init). Everything is a child of init, its process 1. (And no, you can't kill it - go ahead! Its safe!)</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>init is the master program, if you will, for all UNIX systems (init is not part of ASL, please contact your OS vendor for support with init). Everything is a child of init, its process 1. (And no, you can't kill it - go ahead! Its safe!)</div></td></tr>
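Review bot: The rewritten sentence in the Introduction now recommends the default twice, once in the new "(which we recommend, ...)" parenthetical and again in the existing "(which you are highly encouraged to do)"; keep one of them. The new parenthetical also drops a word ("allowing the kernel change on the fly" should be "allowing the kernel to change on the fly"), and the paragraph split carried over the double period in "earlier in the init process..".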
<tr><td colspan="2" class="diff-lineno">Line 43:</td>
<td colspan="2" class="diff-lineno">Line 47:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>That directory is typically where the actual scripts are to prevent duplication of the scripts in all the /etc/rcN.d/ directories.</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>That directory is typically where the actual scripts are to prevent duplication of the scripts in all the /etc/rcN.d/ directories.</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div><del class="diffchange diffchange-inline">=</del>= Load the custom module <del class="diffchange diffchange-inline">=</del>=</div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>= Load the custom module =</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>So, if you want to load modules before S99, then create a script in /etc/rc3.d/ with a number less than 99. S98_custom_modules for example.</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>So, if you want to load modules before S99, then create a script in /etc/rc3.d/ with a number less than 99. S98_custom_modules for example.</div></td></tr>
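Review bot: "= Load the custom module =" (like "= init primer =" and the new "= Introduction =" in the previous hunk) is now a level-1 heading, which MediaWiki renders at the same level as the page title; the usual convention is to start sections at "==". If the aim was to nest "== Example script ==" under this section, keep this heading at "==" and make the example "===" instead.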
<tr><td colspan="2" class="diff-lineno">Line 52:</td>
<td colspan="2" class="diff-lineno">Line 56:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>You do not have to do it this way, you can also put your script in the /etc/rcN.d directory that is correct for your system, you can also just modify the init scripts to load whatever modules you when those scripts run.</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>You do not have to do it this way, you can also put your script in the /etc/rcN.d directory that is correct for your system, you can also just modify the init scripts to load whatever modules you when those scripts run.</div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;">== Example script ==</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;"><pre></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;">#!/bin/bash</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;">modprobe xt_dscp </ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;"></pre></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;">For a script to run it also needs to have permission to execute, so when you save the file to your /etc/rcN.d directory, make sure its executable.  A simple way to do that is to run this command as root:</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;">chmod u+x /etc/rcN.d/S97_custom_modules</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;">Again, read this entire article so you know what to change "N" to, as there is no /etc/rcN.d directory.</ins></div></td></tr>
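Review bot: "chmod u+x" only adds the execute bit for the owner, and the text never says who should own the file or that nobody else may write to it. This script is run by init at boot, before the kernel is locked at S99, so whoever can edit it decides which modules get loaded; suggest telling the reader to make it owned by root and not writable by group or others (for example "chown root:root" followed by "chmod 700" on the file). The chmod line should also sit in a pre block like the script, and "make sure its executable" should read "it's".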
</table>
Mshinn

https://wiki.atomicorp.com/wiki/index.php?title=Installing_custom_kernel_modules_with_ASL&diff=990&oldid=prev
Mshinn: /* init primer */
2010-09-06T18:48:08Z
<p><span dir="auto"><span class="autocomment">init primer</span></span></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;'>
<td colspan='2' style="background-color: white; color:black;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black;">Revision as of 18:48, 6 September 2010</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 9:</td>
<td colspan="2" class="diff-lineno">Line 9:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>== init primer ==</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>== init primer ==</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>init is the master program, if you will, for all UNIX systems. Everything is a child of init, its process 1. (And no, you can't kill it - go ahead! Its safe!)</div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>init is the master program, if you will, for all UNIX systems <ins class="diffchange diffchange-inline">(init is not part of ASL, please contact your OS vendor for support with init)</ins>. Everything is a child of init, its process 1. (And no, you can't kill it - go ahead! Its safe!)</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>So when the system starts up init will start up everything for you, and carry out all the tasks needed to setup the system - like turning on networking and loading modules. init does this by "runlevel", these levels roughly correlate to the "function" of the system - dont get hung up on this, UNIX is OLD so these are concepts that dont matter as much as they used to. When init starts it checks the file /etc/inittab - that file tells it the "run level" to start up. This allows a UNIX system to basically have different levels or configurations depending on need. In practice, this isnt really used by most people. In practice most Linux systems will either start run level "3" or run level "5". These levels basically mean:</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>So when the system starts up init will start up everything for you, and carry out all the tasks needed to setup the system - like turning on networking and loading modules. init does this by "runlevel", these levels roughly correlate to the "function" of the system - dont get hung up on this, UNIX is OLD so these are concepts that dont matter as much as they used to. When init starts it checks the file /etc/inittab - that file tells it the "run level" to start up. This allows a UNIX system to basically have different levels or configurations depending on need. In practice, this isnt really used by most people. In practice most Linux systems will either start run level "3" or run level "5". These levels basically mean:</div></td></tr>
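Review bot: The support disclaimer added in parentheses lands in the middle of the sentence that defines init, so the definition is interrupted before it reaches "Everything is a child of init". Suggest moving it to its own sentence after the definition, for example "init is not part of ASL; please contact your OS vendor for support with init."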
<tr><td colspan="2" class="diff-lineno">Line 41:</td>
<td colspan="2" class="diff-lineno">Line 41:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>   /etc/init.d/</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>   /etc/init.d/</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>That directory is typically where the actual scripts are to prevent duplication of the scripts in all the /etc/rcN.d/ directories. <del class="diffchange diffchange-inline"> </del></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>That directory is typically where the actual scripts are to prevent duplication of the scripts in all the /etc/rcN.d/ directories.</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>== Load the custom module ==</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>== Load the custom module ==</div></td></tr>
</table>
Mshinn

https://wiki.atomicorp.com/wiki/index.php?title=Installing_custom_kernel_modules_with_ASL&diff=890&oldid=prev
Mshinn at 23:02, 19 June 2010
2010-06-19T23:02:24Z
<p></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;'>
<td colspan='2' style="background-color: white; color:black;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black;">Revision as of 23:02, 19 June 2010</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 41:</td>
<td colspan="2" class="diff-lineno">Line 41:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>   /etc/init.d/</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>   /etc/init.d/</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>That directory is typically where the actual scripts are to prevent duplication of the scripts in all the /etc/rcN.d/ directories.  <del class="diffchange diffchange-inline">You can put your custom module script in /etc/init.d/ and symlink to it like this:</del></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>That directory is typically where the actual scripts are to prevent duplication of the scripts in all the /etc/rcN.d/ directories.   </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div> </div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div><del class="diffchange diffchange-inline">  ln -s /etc/init.d/custom_modules S98custom_modules</del></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div> </div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div><del class="diffchange diffchange-inline">You do not have to do it this way, you can also put your script in the /etc/rcN.d directory that is correct for your system, you can also just modify the init scripts to load whatever modules you when those scripts run.</del></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>== Load the custom module ==</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>== Load the custom module ==</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>So, if you want to load modules before S99, then create a script in /etc/rc3.d/ with a number less than 99. S98_custom_modules for example.</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>So, if you want to load modules before S99, then create a script in /etc/rc3.d/ with a number less than 99. S98_custom_modules for example.</div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;">You can also put your custom module script in /etc/init.d/ and symlink to it like this:</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;">  ln -s /etc/init.d/custom_modules S98custom_modules</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins style="color: red; font-weight: bold; text-decoration: none;">You do not have to do it this way, you can also put your script in the /etc/rcN.d directory that is correct for your system, you can also just modify the init scripts to load whatever modules you when those scripts run.</ins></div></td></tr>
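Review bot: The added command "ln -s /etc/init.d/custom_modules S98custom_modules" gives the link name as a relative path, so the link only lands in the right place when the command is run from inside the rc directory, and the text never says to change into it. Spell out the destination, for example "ln -s /etc/init.d/custom_modules /etc/rc3.d/S98custom_modules". The unchanged line just above names the script "S98_custom_modules" with an underscore while the new command uses "S98custom_modules"; pick one spelling. The moved sentence still reads "load whatever modules you when those scripts run", which is missing a verb ("you want").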
</table>Mshinnhttps://wiki.atomicorp.com/wiki/index.php?title=Installing_custom_kernel_modules_with_ASL&diff=889&oldid=prevMshinn: /* init primer */2010-06-19T23:01:27Z<p><span dir="auto"><span class="autocomment">init primer</span></span></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;'>
<td colspan='2' style="background-color: white; color:black;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black;">Revision as of 23:01, 19 June 2010</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 19:</td>
<td colspan="2" class="diff-lineno">Line 19:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>And in case anyone is wondering, 2 used to mean multi-user server but without things like NFS, etc. And run level 1 is "single user" a special mode that starts UNIX/Linux in todays world into a maintainence/oh my god I broke it mode. (In the past it actually meant single user)</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>And in case anyone is wondering, 2 used to mean multi-user server but without things like NFS, etc. And run level 1 is "single user" a special mode that starts UNIX/Linux in todays world into a maintainence/oh my god I broke it mode. (In the past it actually meant single user)</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>The levels ultimately are arbitrary, and heres why. All that happens when you tell init to run at a "level" is that it runs the scripts in a different directory. You see, init just runs in numerical order all the scripts in one of directories:</div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>The levels ultimately are arbitrary, and heres why. All that happens when you tell init to run at a "level" is that it runs the scripts in a different directory. You see, init just runs in numerical order all the scripts in one of <ins class="diffchange diffchange-inline">these </ins>directories:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>   /etc/rc1.d/</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>   /etc/rc1.d/</div></td></tr>
<tr><td colspan="2" class="diff-lineno">Line 35:</td>
<td colspan="2" class="diff-lineno">Line 35:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>   /etc/rc3.d/</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>   /etc/rc3.d/</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>Inside that directory you will see scripts that start with S and K. S means do this on start, K means do this when the system shuts down.  </div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>Inside that directory you will see scripts that start with S and K. S means do this on start, K means do this when the system shuts down<ins class="diffchange diffchange-inline">.  Scripts are run in numerical order, so S00 runs before S01.  S10 runs before S99, and so on.  ASL locks the kernel at positions S99, so any init script running before S99 can load/unload all the modules it wants.  </ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins class="diffchange diffchange-inline">In modern Linux systems you will see all the files in /etc/rcN.d (where N is a number as expressed above) as symlinks to this directory:</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins class="diffchange diffchange-inline">  /etc/init.d/</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins class="diffchange diffchange-inline">That directory is typically where the actual scripts are to prevent duplication of the scripts in all the /etc/rcN.d/ directories.  You can put your custom module script in /etc/init.d/ and symlink to it like this:</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins class="diffchange diffchange-inline">  ln -s /etc/init.d/custom_modules S98custom_modules</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins class="diffchange diffchange-inline">You do not have to do it this way, you can also put your script in the /etc/rcN.d directory that is correct for your system, you can also just modify the init scripts to load whatever modules you when those scripts run</ins>.</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>== Load the custom module ==</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>== Load the custom module ==</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>So, if you want to load modules before S99, then create a script in /etc/rc3.d/ with a number less than 99. S98_custom_modules for example.</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>So, if you want to load modules before S99, then create a script in /etc/rc3.d/ with a number less than 99. S98_custom_modules for example.</div></td></tr>
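Review bot: In the added sentence "ASL locks the kernel at positions S99, so any init script running before S99 can load/unload all the modules it wants", the cut-off is given only as a number. Scripts that share a number are ordered by the rest of the file name, so a custom script named S99something may run before or after the lock. State that the custom script needs a number strictly below 99, and change "positions S99" to "position S99".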
</table>Mshinnhttps://wiki.atomicorp.com/wiki/index.php?title=Installing_custom_kernel_modules_with_ASL&diff=888&oldid=prevMshinn at 22:55, 19 June 20102010-06-19T22:55:22Z<p></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;'>
<td colspan='2' style="background-color: white; color:black;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black;">Revision as of 22:55, 19 June 2010</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 1:</td>
<td colspan="2" class="diff-lineno">Line 1:</td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>[[ASL]] protects Linux systems in many ways.  One of the ways it protects Linux systems from kernel level rootkits is to lock the kernel from any additional changes.  Unlike a normal Linux kernel, which can be modified on the fly and can have its code changed anytime - by a malicious person for example - an ASL kernel protects itself by preventing these changes.  ASL does this at the end of the init process, <del class="diffchange diffchange-inline">S99 to be specific to allow a </del>Linux <del class="diffchange diffchange-inline">system to change </del>the kernel <del class="diffchange diffchange-inline">as necessary, for example to </del>load modules<del class="diffchange diffchange-inline">, </del>and once that is complete <del class="diffchange diffchange-inline">to </del>prevent any future changes.  <del class="diffchange diffchange-inline">If </del>you set ASL to lock the kernel<del class="diffchange diffchange-inline">, </del>which you are highly encouraged to do<del class="diffchange diffchange-inline">, </del>you will see an error if you try to load a kernel module once the system finishes booting up.  To load custom modules you need to do this during boot up, and the best place to do that is before init <del class="diffchange diffchange-inline">reached </del>S99.  The rest of this article explains init, what it does, <del class="diffchange diffchange-inline">and </del>what we recommend you load custom modules.  
This will vary from system to system as you may need to load those modules earlier in the init process<del class="diffchange diffchange-inline">, </del>check with <del class="diffchange diffchange-inline">the vendor of the </del>product <del class="diffchange diffchange-inline">you are using </del>to find out where to load those modules.</div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>[[ASL]] protects Linux systems in many ways.  One of the ways it protects Linux systems from kernel level rootkits is to lock the kernel from any additional changes.  Unlike a normal Linux kernel, which can be modified on the fly and can have its code changed anytime - by a malicious person for example - an ASL kernel protects itself by preventing these changes.  ASL does this at the end of the init process, <ins class="diffchange diffchange-inline">or the boot up process in </ins>Linux<ins class="diffchange diffchange-inline">.</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins class="diffchange diffchange-inline">Specifically, ASL locks </ins>the kernel <ins class="diffchange diffchange-inline">right at the end of the process or at position S99.  ASL will </ins>load <ins class="diffchange diffchange-inline">whatever </ins>modules <ins class="diffchange diffchange-inline">the system is configured to load during boot </ins>and once that is complete <ins class="diffchange diffchange-inline">it will </ins>prevent any future changes <ins class="diffchange diffchange-inline">to the kernel</ins>.   </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins class="diffchange diffchange-inline">This is the default behavior for ASL, to lock the kernel.  So, if you stuck to the defaults, or </ins>you set ASL to lock the kernel <ins class="diffchange diffchange-inline"> (</ins>which you are highly encouraged to do<ins class="diffchange diffchange-inline">) </ins>you will see an error if you try to load a kernel module once the system finishes booting up.  To load custom modules you need <ins class="diffchange diffchange-inline">to configure the system </ins>to do this during boot up, and the best place to do that is before init <ins class="diffchange diffchange-inline">reaches position </ins>S99.  The rest of this article explains init, what it does, what <ins class="diffchange diffchange-inline">those positions are and how </ins>we recommend you load custom modules.  This will vary from system to system as you may need to load those modules earlier in the init process<ins class="diffchange diffchange-inline">.. Therefore </ins>check with <ins class="diffchange diffchange-inline">your OS or third party </ins>product <ins class="diffchange diffchange-inline">vendor </ins>to find out where <ins class="diffchange diffchange-inline">in the boot process </ins>to load those modules<ins class="diffchange diffchange-inline">.</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins class="diffchange diffchange-inline">Your other option is to configure ASL to behave like a normal Linux kernel, this is to allow the kernel to modified at any time, by malicious and non-malicious users.  You can do that by logging into the ASL GUI, click on ASL Configuration, scroll down to kernel and set modules to load.  You will then need to reboot your system.  We do not recommend you set this and ASL will alert you to this vulnerable condition your system is now in</ins>.</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>== init primer ==</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>== init primer ==</div></td></tr>
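Review bot: The new last paragraph documents turning the lock off ("scroll down to kernel and set modules to load") without giving the exact option name and value, or how to turn the lock back on, so a reader who follows it leaves the kernel modifiable with no documented way back. Name the setting, its secure value, and whether a reboot is needed in both directions. Two wording slips in the added text: "to allow the kernel to modified" is missing "be", and "earlier in the init process.. Therefore" has a doubled full stop. The rewritten second paragraph also says "ASL will load whatever modules the system is configured to load during boot", which reads as if ASL itself loads them; the replaced text attributed that to the Linux system.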
</table>Mshinnhttps://wiki.atomicorp.com/wiki/index.php?title=Installing_custom_kernel_modules_with_ASL&diff=733&oldid=prevMshinn at 16:41, 17 December 20092009-12-17T16:41:12Z<p></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;'>
<td colspan='2' style="background-color: white; color:black;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black;">Revision as of 16:41, 17 December 2009</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 7:</td>
<td colspan="2" class="diff-lineno">Line 7:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>So when the system starts up init will start up everything for you, and carry out all the tasks needed to setup the system - like turning on networking and loading modules. init does this by "runlevel", these levels roughly correlate to the "function" of the system - dont get hung up on this, UNIX is OLD so these are concepts that dont matter as much as they used to. When init starts it checks the file /etc/inittab - that file tells it the "run level" to start up. This allows a UNIX system to basically have different levels or configurations depending on need. In practice, this isnt really used by most people. In practice most Linux systems will either start run level "3" or run level "5". These levels basically mean:</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>So when the system starts up init will start up everything for you, and carry out all the tasks needed to setup the system - like turning on networking and loading modules. init does this by "runlevel", these levels roughly correlate to the "function" of the system - dont get hung up on this, UNIX is OLD so these are concepts that dont matter as much as they used to. When init starts it checks the file /etc/inittab - that file tells it the "run level" to start up. This allows a UNIX system to basically have different levels or configurations depending on need. In practice, this isnt really used by most people. In practice most Linux systems will either start run level "3" or run level "5". These levels basically mean:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>3 - multi user system with remote services (a server)</div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins class="diffchange diffchange-inline">  </ins>3 - multi user system with remote services (a server)</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>5 - multi users system with remote services and a big heavy GUI (a desktop basically)</div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins class="diffchange diffchange-inline">  </ins>5 - multi users system with remote services and a big heavy GUI (a desktop basically)</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>And in case anyone is wondering, 2 used to mean multi-user server but without things like NFS, etc. And run level 1 is "single user" a special mode that starts UNIX/Linux in todays world into a maintainence/oh my god I broke it mode. (In the past it actually meant single user)</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>And in case anyone is wondering, 2 used to mean multi-user server but without things like NFS, etc. And run level 1 is "single user" a special mode that starts UNIX/Linux in todays world into a maintainence/oh my god I broke it mode. (In the past it actually meant single user)</div></td></tr>
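Review bot: The two leading spaces added to the "3 - ..." and "5 - ..." lines turn each into its own preformatted block, because a blank line still separates them; a wikitext definition list would keep the two runlevels as one list and let the descriptions wrap. While touching the "5" line, "multi users system" should read "multi user system" to match the "3" line.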
<tr><td colspan="2" class="diff-lineno">Line 15:</td>
<td colspan="2" class="diff-lineno">Line 15:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>The levels ultimately are arbitrary, and heres why. All that happens when you tell init to run at a "level" is that it runs the scripts in a different directory. You see, init just runs in numerical order all the scripts in one of directories:</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>The levels ultimately are arbitrary, and heres why. All that happens when you tell init to run at a "level" is that it runs the scripts in a different directory. You see, init just runs in numerical order all the scripts in one of directories:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>/etc/rc1.d/</div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins class="diffchange diffchange-inline">  </ins>/etc/rc1.d/</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>/etc/rc2.d/</div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins class="diffchange diffchange-inline">  </ins>/etc/rc2.d/</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>/etc/rc3.d/</div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins class="diffchange diffchange-inline">  </ins>/etc/rc3.d/</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>/etc/rc4.d/</div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins class="diffchange diffchange-inline">  </ins>/etc/rc4.d/</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>/etc/rc5.d/</div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins class="diffchange diffchange-inline">  </ins>/etc/rc5.d/</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>And those numbers refer to run levels. So, if you look in /etc/inittab you'll see a line like this:</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>And those numbers refer to run levels. So, if you look in /etc/inittab you'll see a line like this:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>id:3:initdefault:</div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins class="diffchange diffchange-inline">  </ins>id:3:initdefault:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>So that tells init to run every script in this directory - and only the scripts in this directory:</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>So that tells init to run every script in this directory - and only the scripts in this directory:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>/etc/rc3.d/</div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div><ins class="diffchange diffchange-inline">  </ins>/etc/rc3.d/</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>Inside that directory you will see scripts that start with S and K. S means do this on start, K means do this when the system shuts down.  </div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>Inside that directory you will see scripts that start with S and K. S means do this on start, K means do this when the system shuts down.  </div></td></tr>
</table>Mshinnhttps://wiki.atomicorp.com/wiki/index.php?title=Installing_custom_kernel_modules_with_ASL&diff=732&oldid=prevMshinn: Created page with 'ASL protects Linux systems in many ways. One of the ways it protects Linux systems from kernel level rootkits is to lock the kernel from any additional changes. Unlike a no…'2009-12-17T16:39:46Z<p>Created page with '<a href="/wiki/index.php/ASL" title="ASL">ASL</a> protects Linux systems in many ways. One of the ways it protects Linux systems from kernel level rootkits is to lock the kernel from any additional changes. Unlike a no…'</p>
<p><b>New page</b></p><div>[[ASL]] protects Linux systems in many ways. One of the ways it protects Linux systems from kernel level rootkits is to lock the kernel from any additional changes. Unlike a normal Linux kernel, which can be modified on the fly and can have its code changed anytime - by a malicious person for example - an ASL kernel protects itself by preventing these changes. ASL does this at the end of the init process, at S99 to be specific, so that a Linux system can change the kernel as necessary (for example, to load modules) and, once that is complete, no further changes are possible. If you set ASL to lock the kernel, which you are highly encouraged to do, you will see an error if you try to load a kernel module once the system finishes booting up. To load custom modules you need to do this during boot up, and the best place to do that is before init reaches S99. The rest of this article explains init, what it does, and how we recommend you load custom modules. This will vary from system to system, as you may need to load those modules earlier in the init process; check with the vendor of the product you are using to find out where to load those modules.<br />
<br />
== init primer ==<br />
<br />
init is the master program, if you will, for all UNIX systems. Everything is a child of init; it's process 1. (And no, you can't kill it - go ahead! It's safe!)<br />
<br />
So when the system starts up, init will start up everything for you and carry out all the tasks needed to set up the system - like turning on networking and loading modules. init does this by "runlevel"; these levels roughly correlate to the "function" of the system - don't get hung up on this, UNIX is OLD so these are concepts that don't matter as much as they used to. When init starts it checks the file /etc/inittab - that file tells it the "run level" to start up. This allows a UNIX system to basically have different levels or configurations depending on need. In practice, this isn't really used by most people: most Linux systems will start either run level "3" or run level "5". These levels basically mean:<br />
<br />
3 - multi user system with remote services (a server)<br />
<br />
5 - multi user system with remote services and a big heavy GUI (a desktop basically)<br />
<br />
And in case anyone is wondering, 2 used to mean multi-user server but without things like NFS, etc. And run level 1 is "single user", a special mode that in today's world starts UNIX/Linux into a maintenance/oh my god I broke it mode. (In the past it actually meant single user)<br />
<br />
The levels ultimately are arbitrary, and here's why. All that happens when you tell init to run at a "level" is that it runs the scripts in a different directory. You see, init just runs in numerical order all the scripts in one of these directories:<br />
<br />
/etc/rc1.d/<br />
/etc/rc2.d/<br />
/etc/rc3.d/<br />
/etc/rc4.d/<br />
/etc/rc5.d/<br />
<br />
And those numbers refer to run levels. So, if you look in /etc/inittab you'll see a line like this:<br />
<br />
id:3:initdefault:<br />
<br />
So that tells init to run every script in this directory - and only the scripts in this directory:<br />
<br />
/etc/rc3.d/<br />
<br />
Inside that directory you will see scripts that start with S and K. S means do this on start, K means do this when the system shuts down. <br />
<br />
== Load the custom module ==<br />
<br />
So, if you want to load modules before S99, then create a script in /etc/rc3.d/ with a number less than 99. S98_custom_modules for example.</div>Mshinn
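One way to verify the placement described above, as an added example (not part of the wiki page or of ASL): a shell function that checks that a start script sorts before position 99, resolves to a real executable, and is not world-writable. The function name `check_boot_script` and the optional third argument are assumptions made for this example; the default position 99 is the one the page gives for the lock.

```shell
#!/bin/sh
# Added example, not from the wiki page: sanity-check a custom module-loading
# script placed in an rcN.d directory before relying on it at boot.

# check_boot_script RC_DIR SCRIPT_NAME [LOCK_POSITION]
#   RC_DIR         runlevel directory, e.g. /etc/rc3.d
#   SCRIPT_NAME    file name inside RC_DIR, e.g. S98custom_modules
#   LOCK_POSITION  position at which the kernel is locked (default 99,
#                  the position stated on the page)
# Prints one line describing the result and returns 0 only if every check passes.
check_boot_script() {
    rc_dir=$1
    name=$2
    lock_pos=${3:-99}
    path="$rc_dir/$name"

    # Only S (start) scripts run at boot; the name must be S + two digits.
    case "$name" in
        S[0-9][0-9]*) ;;
        *) echo "FAIL: $name is not an Snn start script"; return 1 ;;
    esac

    # Characters 2-3 of the name are the position; drop one leading zero
    # so that values such as 08 are compared as plain decimal numbers.
    pos=$(printf '%s' "$name" | cut -c2-3)
    pos=${pos#0}

    # The number must be strictly below the lock position: scripts sharing
    # a number are ordered by the rest of the name, which is not reliable.
    if [ "$pos" -ge "$lock_pos" ]; then
        echo "FAIL: $name is at position $pos, not before $lock_pos"
        return 1
    fi

    # -e follows symlinks, so this also catches a dangling link into init.d.
    if [ ! -e "$path" ]; then
        echo "FAIL: $path is missing or is a dangling symlink"
        return 1
    fi

    if [ ! -x "$path" ]; then
        echo "FAIL: $path does not resolve to an executable file"
        return 1
    fi

    # init runs this script as root, so a world-writable target would let
    # any local user choose what gets loaded into the kernel at boot.
    if [ -n "$(find -L "$path" -maxdepth 0 -perm -0002 2>/dev/null)" ]; then
        echo "FAIL: target of $path is world-writable"
        return 1
    fi

    echo "OK: $name runs at position $pos, before $lock_pos"
    return 0
}

# Allow use as a script: sh check.sh /etc/rc3.d S98custom_modules
if [ "$#" -ge 2 ]; then
    check_boot_script "$@"
    exit $?
fi
```
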