       rklogd - RSBAC kernel log daemon.


       rklogd [ -s ] [ -a ] [ -l ] [ -p ] [ -f fname ] [ -u uid ] [ -n host ]


       rklogd  is  a  system  daemon  which  only intercepts and logs  RSBAC kernel messages to a
       separate log file. It is started by root and sets UID to 400.


       -a     Alert (sound) on NOT_GRANTED.

       -s     Use kernel syscalls instead of reading the "proc" file (for when the proc filesystem does not work).

       -p     Use the file in /proc for reading messages. This is the default.

       -f file
              Log messages to the specified filename. By default, messages go to the
              SECOFF_HOME/security-out file.

       -u uid Change to the specified UID instead of the default 400.

       -l     Listen for network connections (log-server mode). Messages are copied to the
              <log-name>-fromnet file.

       -n hostname
              Copy messages to the log server on the specified host.


       The standard klogd daemon cannot read the RSBAC kernel message buffers. This program can,
       and it sends the messages to a separate file. You can protect this file using any RSBAC
       model, e.g. RC, so a possible intruder cannot delete security alert logs.


              kernel messages buffer.
       rklogd daemon itself.
              The file containing the process id of rklogd


       May be. Please send patches, not changed files.


       I use some of the klogd code. It was originally written by Steve Lord; Dr.
       Greg Wettstein made major improvements.
       RSBAC (c) Amon Ott
       rklogd (c) Stanislav Ievlev, some changes made by
              Amon Ott