We assume that the files redhatbop.tgz, bop.tgz and fu4.0-1patch.tgz are in /tmp

Kernel patch installation (version 2.2.12-20):

	1) go to /usr/src: cd /usr/src
	2) unpack the patch: gzip -d < /tmp/redhatbop.tgz | tar -xf -
	3) standard kernel configuration: make config or make xconfig
	4) run the script Make_patch: ./Make_patch
	5) apply the patch file patch2.2.12: patch < patch2.2.12
           NOTE: There could be changes in the syntax of the patch command
		 depending on the distribution and the version of Linux.
	6)Compile the kernel: make dep; make zImage 
	7)Install it
	
Compilation of the new command "aclmng":

	1) create the directory "/etc/bop": mkdir /etc/bop
	2) go to "/etc/bop": cd /etc/bop
	3) unpack the command source: gzip -d < /tmp/bop.tgz | tar -xvf -
	4) compile: gcc -o aclmng aclmng.c

Installation of the patch to chmod (package fileutils-4.0-1.src.rpm ):

	1) Install the package of the "fileutils" sources:
	   "rpm -i fileutils-4.0-1.src.rpm"
           and check the path of the directory created by rpm.
	   Unfortunately, this depends strongly on the distribution.
	   Hereafter we assume a redhat distribution. The directory
	   in this case is /usr/src/redhat/SOURCES/fileutils-4.0.    
	2) go to the parent of the directory which contains the sources
	   of the "fileutils" (/usr/src/redhat/SOURCES for the redhat):
	   cd /usr/src/redhat/SOURCES
        3) unpack fu4.0-1patch.tgz: gzip -d < /tmp/fu4.0-1patch.tgz | tar -xvf-

	4) apply the two patches: chmod_src.patch and chmod_man.patch:
	   "patch < chmod_src.patch"
	   "patch < chmod_man.patch"

	5) compile and install the package	

Restart the system.

NOTES: 1) To find messages sent to the syslog by the modified commands and by
          the system calls, look for strings with the "BOP" prefix

       2) The chmod command sends a three lines message to the syslog when a
          new pair of programs is inserted in the database.

       3) The priority of the messages sent to the syslog is 4 (warning).

       4) To enable/disable the controls within the kernel, run the command:
          /etc/bop/aclmng -L 

       5) Everytime there is a change in the file access rights, the entries
          in the ACL for that file are removed.

       6) To add entries in the ACL of a executable file it is necessary to
          change its access rights.
          To add entries WITHOUT any REAL change in the file mode, it is
          necessary to make a "double change" which resets the
	  mode to the original one. For instance, suppose you have
	  in.ftpd with mode equal to 755 (-rwxr-xr-x) and you want to add 
 	  program "/bin/foo" to the ACL for in.ftpd:

		 #chmod -v 700 in.ftpd
	      	 #chmod -v 755 -p=/bin/foo in.ftpd

	  To remove the entry /bin/foo:

	  	 #chmod -v 700 in.ftpd 
		 #chmod -v 755 in.ftpd 
