Quick install for LIDS 2.2.x with XATTR suppport
-------------
NOTE: lidstool can be used not only for kernel 2.6.x

1. KERNEL Configure and Install

1.1 CRYTPO and SHA256   

	Configure the kernel with "SHA256" support under the "CRYTPO" entry.
	This Option is needed by LIDS to authenticate the lidsadm user.

	CONFIG_CRYPTO=y
	CONFIG_CRYPTO_SHA256=y

1.2. LIDS relate options

   Make sure you do not select the "Capability" and "Selinux" in the kernel
   because right now, LIDS can not work with other modules at the same time.
 
	CONFIG_SECURITY=y
	CONFIG_SECURITY_NETWORK=y
	# CONFIG_SECURITY_CAPABILITIES is not set

	#
	# Linux Intrusion Detection System
	#
	CONFIG_LIDS=m

	#
	# LIDS Options
	#
	CONFIG_LIDS_NO_FLOOD_LOG=y
	CONFIG_LIDS_ALLOW_SWITCH=y
	CONFIG_LIDS_RESTRICT_MODE_SWITCH=y
	CONFIG_LIDS_MODE_SWITCH_CONSOLE=y
	CONFIG_LIDS_MODE_SWITCH_SERIAL=y
	CONFIG_LIDS_MODE_SWITCH_PTY=y
	# CONFIG_SECURITY_ROOTPLUG is not set
	# CONFIG_SECURITY_SELINUX is not set

1.4 patch to the vanilla kernel 2.6.xx 
  
	$ cd dir_to_kernel_2.6.xx
	$ patch -p1 < /dir_to_the_patch_file/patch-lids-2.0.3-2.6.xx
	$ make menuconfig/xconfig/config
	$ make bzImage
	$ make modules
 
2. Install LIDSTOOLS

./configure KERNEL_DIR=your_kernel_dir_with_lids_patch
make
make install

NOW. REBOOT the system and after coming back, you can configure 
the ACL in the next step. 

3. Reconfigure the ACLs.

NOTE: the ACL configure need run only ONCE. But you can always change the 
ACL anytime you want. 

4. Compile the ACLs
	
	# lidsconf -C 
  will compile all the acls including ACLs, CAPs and lids.ini into 
  one single file based on state. These files will be used when LIDS
  initialize or switch states.

5. Enjoy the new one. 

then configure the ACLs (man lidsconf), check example/lids.acl.sh for example).
then configure, compile and install the new patched kernel
then reboot and enjoy :)

There is some documentation and the FAQ in the doc/ directory.
You'll find the ACL examples in the example/ document. These ACL are
installed in /etc/lids during the make install. You are encouraged to 
flush them and make your own.

If you are experiencig problems, if you need help, if you want to 
report a bug, if you have a new bright idea or if you just want
to get in touch with the authors, you can use the following e-mail
addresses :

LIDS Mailing List 	<lids-user@lists.sourceforge.net>
Huagang XIE 		<xie@www.lids.org>

Enjoy,
LIDS Develop Team
April 2004
