===== Compact way of setting rsbac boot parameters =====

Recently a new way of setting rsbac boot parameters has been added. To avoid very long boot loader command lines, you can now pass a numerical argument, calculated according to the attached table. 

^ Boot parameter ^ Numerical value ^
| rsbac_softmode | 1 |
| rsbac_softmode_once | 2 |
| rsbac_softmode_never| 4 |
| rsbac_softmode_freeze | 8 |
| rsbac_um_no_excl | 16 |
| rsbac_auth_learn | 32 |
| rsbac_acl_learn_fd | 64 |
| rsbac_cap_log_missing | 128 |
| rsbac_jail_log_missing | 256 |
| rsbac_dac_disable | 512 |
| rsbac_no_delay_init | 1024 |
| rsbac_no_defaults | 2048 |
| rsbac_nosyslog | 4096 |
| rsbac_cap_process_hiding | 8192 |

As you can see, these are just a power of two, the most simple yet powerful encoding scheme. 

Example:

Say you would like to have rsbac_nosyslog, rsbac_cap_process_hiding, rsbac_cap_log_missing, rsbac_jail_log_missing set on every boot (actually it comes from my machines). To achieve this in a traditional way, a very long boot parameter line would have to be used - and remember, it cannot be of arbitrary sizes, it is limited (to 1024 bytes, from what I remember).

With the numerical encoding scheme you just calculate 4096+8192+128+256 = 12672 and write:

<code>
rsbac_flags = 12672
</code>

as the kernel command line. That's it, compact and elegant.