Re: Solaris Basic Security ModuleFrom: Darren J Moffat (Darren.Moffat@Sun.COM)
- Previous message: Crist J. Clark: "PAM and FTP in Solaris 7"
- In reply to: boutros: "Solaris Basic Security Module"
- Next in thread: Greene Paul: "Re: Solaris Basic Security Module"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 17 Sep 2002 12:32:47 -0700 (PDT) From: Darren J Moffat <Darren.Moffat@Sun.COM> To: boutros <firstname.lastname@example.org>
On Mon, 16 Sep 2002, boutros wrote:
> Hello all,
> I was wondering if there is a quick way to check and see if the Sun
> Basic Security Module (BSM) has been enabled on a Solaris 8 box.
/etc/security/bsmconv does 3 things:
1. Enables auditd
It creates /etc/security/audit_startup which causes auditd to
run on reboot. To check look for a running auditd, its pid is
the first field of /etc/security/audit_data
2. Enables device allocation
3. Turns off L1-A
set abort_enable = 0 is in /etc/system
Note that this may change in future releases but it is something you
could have worked out by reading the /etc/security/bsmconv script.
In particular 2 and 3 may not exist in a future release or may work
a different way.
-- Darren J Moffat