From Friday, April 19th (11:00 PM CDT) through Saturday, April 20th (2:00 PM CDT), 2024, ni.com will undergo system upgrades that may result in temporary service interruption.

We appreciate your patience as we improve our online experience.

NI Linux Real-Time Documents

cancel
Showing results for 
Search instead for 
Did you mean: 

NI Linux Real-Time Security User Guide

This document is a first-level guide for engineers working with products based on NI Linux Real-Time. We created it in joint efforts between NI Germany AE Specialists & NI Central Marketing. It was a lot of fun to work on a document that is meant to enable any first time Linux user to open terminal on NI Linux Real-Time and have first thoughts on security-related features. I'll keep it updated and I'm happy for questions & comment.

 

Audience is anyone who starts with NI Linux Real-Time, at least for the first half of the document. Preliminary knowledge of Linux systems is not necessary since basic Linux architecture and commands are explained where they are relevant within the sections.

 

The second half of the document is meant to give some easy introduction into security basics, including sample scripts and best practices. The document is intended to help to understand and implement best practices for administrating and securing a NI Linux Real-Time system (using primarily standard Linux components).

 

Individual sections provide step-by-step instructions and additional resources for further reading.

 

Contents

 

Contents.PNG


 

Document Status & Currently Used NI Linux Real-Time Release

Current state

Released

Version number

1.0.4-en

Date of last change

27.04.2017

Operating System

NI Linux Real-Time x64 4.1.15-rt17-4.0.0f0

Firmware

4.0.0f0 (installed with NI RIO 2016)

 

Document Link

http://www.ni.com/pdf/support/us/ni_linux_real-time_security_user_guide.pdf

 

Example Scripts

Comments
metux
Member
Member
on

And still running the whole application as root ?

Linux Embedded / Kernel Hacker / BSP / Driver development / Systems engineering
SEgeler
Active Participant
Active Participant
on

You mean lvuser user rights? They are kind of extended, as lvuser claims direct access to other processes (like x11 related one), but lvuser has no root / superuser rights.

metux
Member
Member
on

X11 on an embedded controller w/o any display ? What for ?
What exactly do you mean by "claims direct access to other processes" ?

How exactly are the hw devices (backplane and devices behind it) accessed - how is the access control done ?


Looking through the yocto configs (yocto is really horrible - better use ptxdist) .... why are you using softfp ?
And why the extra archs like armv4 ?

Why aren't you just using the linux standard watchdog infrastructure, but your own "/dev/niwatchdog" bricolage ?

And the most vital question: where's the driver source code for backplane and cards ?

 

 

Linux Embedded / Kernel Hacker / BSP / Driver development / Systems engineering
Contributors