Home Community User Groups Special Interest Groups NI Linux Real-Time NI Linux Real-Time Documents Document

NI Linux Real-Time Documents

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

NI Linux Real-Time Security User Guide

by Active Participant on
‎09-18-2017 07:45 AM
- edited on ‎09-18-2017 07:48 AM by: Active Participant SEgeler

This document is a first-level guide for engineers working with products based on NI Linux Real-Time. We created it in joint efforts between NI Germany AE Specialists & NI Central Marketing. It was a lot of fun to work on a document that is meant to enable any first time Linux user to open terminal on NI Linux Real-Time and have first thoughts on security-related features. I'll keep it updated and I'm happy for questions & comment.

 

Audience is anyone who starts with NI Linux Real-Time, at least for the first half of the document. Preliminary knowledge of Linux systems is not necessary since basic Linux architecture and commands are explained where they are relevant within the sections.

 

The second half of the document is meant to give some easy introduction into security basics, including sample scripts and best practices. The document is intended to help to understand and implement best practices for administrating and securing a NI Linux Real-Time system (using primarily standard Linux components).

 

Individual sections provide step-by-step instructions and additional resources for further reading.

 

Contents

 

Contents.PNG


 

Document Status & Currently Used NI Linux Real-Time Release

Current state

Released

Version number

1.0.4-en

Date of last change

27.04.2017

Operating System

NI Linux Real-Time x64 4.1.15-rt17-4.0.0f0

Firmware

4.0.0f0 (installed with NI RIO 2016)

 

Document Link

http://www.ni.com/pdf/support/us/ni_linux_real-time_security_user_guide.pdf

 

Example Scripts

Download All
Comments
metux
Member
Member
on
‎03-04-2018 06:18 PM
‎03-04-2018 06:18 PM

And still running the whole application as root ?

Linux Embedded / Kernel Hacker / BSP / Driver development / Systems engineering
0 Kudos
SEgeler
Active Participant
Active Participant
on
‎03-27-2018 09:19 AM
‎03-27-2018 09:19 AM

You mean lvuser user rights? They are kind of extended, as lvuser claims direct access to other processes (like x11 related one), but lvuser has no root / superuser rights.

0 Kudos
metux
Member
Member
on
‎05-15-2018 11:52 PM
‎05-15-2018 11:52 PM

X11 on an embedded controller w/o any display ? What for ?
What exactly do you mean by "claims direct access to other processes" ?

How exactly are the hw devices (backplane and devices behind it) accessed - how is the access control done ?


Looking through the yocto configs (yocto is really horrible - better use ptxdist) .... why are you using softfp ?
And why the extra archs like armv4 ?

Why aren't you just using the linux standard watchdog infrastructure, but your own "/dev/niwatchdog" bricolage ?

And the most vital question: where's the driver source code for backplane and cards ?

 

 

Linux Embedded / Kernel Hacker / BSP / Driver development / Systems engineering
0 Kudos
Contributors