Quick install for LIDS 2.2.x with XATTR suppport
-------------
NOTE: this lidstool can be used not only for kernel 2.6.x

You need to do the following 
1. Configure the kernel with "SHA256" support under the "CRYTPO" entry.
   This Option is needed by LIDS to authenticate the lidsadm user.

ONFIG_CRYPTO=y
CONFIG_CRYPTO_SHA256=y

2. Configure the kernel with "XATTR" support. Note, reiserfs do not support
XATTR in the kernel right now, but has a patch which will let it support.
The following is EXT2 and EXT3's example.

CONFIG_EXT2_FS=y
CONFIG_EXT2_FS_XATTR=y
CONFIG_EXT2_FS_POSIX_ACL=y
CONFIG_EXT2_FS_SECURITY=y
CONFIG_EXT3_FS=y
CONFIG_EXT3_FS_XATTR=y
CONFIG_EXT3_FS_POSIX_ACL=y
CONFIG_EXT3_FS_SECURITY=y


2. Reconfigure the filesystem to make it work  
   edit the /etc/fstab , adding "acl" after the "default"

here is an example on Redhat 9.0, 
 -------------- /etc/fstab -----------------------------------------------------
LABEL=/                 /                       ext3    defaults,acl        1 1
none                    /dev/pts                devpts  gid=5,mode=620  0 0
none                    /proc                   proc    defaults        0 0
none                    /dev/shm                tmpfs   defaults        0 0
------------ end of /etc/fstab -------------------------------------------------

Here is what you need to do :

3. Install LIDSTOOLS

./configure KERNEL_DIR=your_kernel_dir_with_lids_patch
make
make install

4. Reconfigure the ACLs.

Current ACLs will stored in inode's xattr on the file system. check the 
example on "example/lids.acl.conf" for details. 

NOTE: the ACL configure need run only ONCE. But you can always change the 
ACL anytime you want. 

5. Enjoy the new one. 

then configure the ACLs (man lidsconf), check example/lids.acl.sh for example).
then configure, compile and install the new patched kernel
then reboot and enjoy :)


The configuration script need a kernel sources tree patched with 
the LIDS patch. But it will give you any action it need you to do.
It could do it by itself, but I think the configure script must not
be allowed to modify anything else than the configuration.

There is some documentation and the FAQ in the doc/ directory.
You'll find the ACL examples in the example/ document. These ACL are
installed in /etc/lids during the make install. You are encouraged to 
flush them and make your own.

If you are experiencig problems, if you need help, if you want to 
report a bug, if you have a new bright idea or if you just want
to get in touch with the authors, you can use the following e-mail
addresses :

LIDS Mailing List 	<lids-user@lists.sourceforge.net>
Huagang XIE 		<xie@www.lids.org>

Enjoy,
LIDS Develop Team
March 2004
