README
--
Here is a description of each rexec kernel config options. You
can also see this in kernel config help.

1) Introduction.
After recompiling you kernel with rexec you will have a few, new
sysctl variables:
	log_exec
	obv_group

	max_arg_count
	max_arg_len
	max_env_len
	
	maxbin_uid
	not_restricted_grp 

- log_exec variable is use to set the logging system. It can have
4 different values:
	0 - do not log anything
	1 - log only the execve() which was canceled.
	2 - log all execve() calls.
	3 - log only the execve() of groups which you observe.
	    (obv_group)
- obv_group determines the groups which you want to observe. If
log_exec is different from '3' then this variable is ignored.

- max_arg_count variable can be 1 or more. It describes max
count of arguments.

- max_arg_len variable can be 1 or more - consider the value of variable
when setting it becouse if it's too low it can make the system unstable. 

- max_env_len does the same as max_arg_len but it relates to
environmental variables.

- maxbin_uid and not_restricted_grp
With not_restricted_grp, you can specify the group which is 
allowed to execute binary files, whose owner's uid is > than 
max_bin_uid.

Example:
	sysctl -w maxbin_uid=999
	sysctl -w not_restricted_grp=10

2) Sysctl support.
To see the value of each sysctl variable type:
	sysctl name_of_variable
To set the value of each sysctl variable type:
	sysctl -w name_of_variable=1
See also:
	man 2 sysctl

If you want to set some values of a rexec variable while the system is 
loading, edit /etc/sysctl.conf. The format looks like this:
	variable=value
For more information see: man 8 sysctl