Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-16-2012 03:25 AM
02-16-2012 03:25 AM
bastille
Got a defect identified by the testers in our newly built VM host. How to get rid of this
#> bastille -l
NOTE: The system is in its pre-bastilled state.
#pwd
/etc/opt/sec_mgmt/bastille
#> ll
total 112
-r-xr-xr-x 1 bin bin 209 Mar 3 2011 Modules.txt
dr-xr-xr-x 3 bin bin 8192 Jan 7 13:55 OSMap
dr-xr-xr-x 2 bin bin 8192 Jan 7 13:55 Questions
dr-xr-xr-x 4 bin bin 96 Jan 7 13:55 configs
-r-xr-xr-x 1 bin bin 814 Mar 3 2011 ipf.customrules
-r-xr-xr-x 1 bin bin 986 Mar 3 2011 jail.bind.hpux
-r-xr-xr-x 1 bin bin 823 Mar 3 2011 jail.bind9.hpux
-r-xr-xr-x 1 bin bin 1643 Mar 3 2011 jail.generic.hpux
dr-xr-xr-x 2 bin bin 96 Jan 7 13:55 mx
#>
In another normal server:
# pwd
/etc/opt/sec_mgmt/bastille
#
# ll
total 128
-rw------- 1 root sys 0 Jun 20 2008 .nodisclaimer
-r-xr-xr-x 1 bin bin 197 Dec 7 2007 Modules.txt
dr-xr-xr-x 3 bin bin 8192 Jun 18 2008 OSMap
dr-xr-xr-x 2 bin bin 8192 Jun 18 2008 Questions
-r----x--- 1 bin bin 6105 Jun 20 2008 config
dr-xr-xr-x 4 bin bin 96 Jun 18 2008 configs
-r-xr-xr-x 1 bin bin 814 Dec 7 2007 ipf.customrules
-r-xr-xr-x 1 bin bin 986 Dec 7 2007 jail.bind.hpux
-r-xr-xr-x 1 bin bin 823 Dec 7 2007 jail.bind9.hpux
-r-xr-xr-x 1 bin bin 1643 Dec 7 2007 jail.generic.hpux
dr-xr-xr-x 2 bin bin 96 Jun 18 2008 mx
# bastille -l
The last bastille run corresponds to the following profiles:
/etc/opt/sec_mgmt/bastille/config
#
- Tags:
- bastille
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-16-2012 05:18 AM
02-16-2012 05:18 AM
Re: bastille
/etc/opt/sec_mgmt/bastille#> bastille -b -f config
NOTE: Entering Critical Code Execution.
Bastille has disabled keyboard interrupts.
NOTE: Bastille is scanning the system configuration...
FATAL: A fatal error has occurred. Not all of the questions
that pertain to this system have been answered. Rerun
the interactive portion of Bastille on this system.
MODULE.QUESTION=AccountSecurity.cronuser
/etc/opt/sec_mgmt/bastille#>
I copied config file from another server and gave it appropriate permissions but I got the above err
Can someone please suggest
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-16-2012 03:11 PM
02-16-2012 03:11 PM
Re: bastille
It's possible you have a newer version of Bastille software installed on the new server, and the MODULE question it's looking for is not there.
Compare versions on both systems:
# swlist -l product -a revision | grep -i bastille
I would just do what it's suggesting: "Rerun the interactive portion of Bastille on this system."
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-20-2012 01:34 AM
02-20-2012 01:34 AM
Re: bastille
Hello Henry This could be of some interest
Normal server:
# bastille -l
The last bastille run corresponds to the following profiles:
# swlist -l product -a revision | grep -i bastille
Bastille B.3.0.31
# uname -a
HP-UX <vmhost> B.11.31 U ia64 3565873559 unlimited-user license
#
Newly built server(has bastille issue):
:/etc/opt/sec_mgmt/bastille #> bastille -b -f config
NOTE: Entering Critical Code Execution.
Bastille has disabled keyboard interrupts.
NOTE: Bastille is scanning the system configuration...
FATAL: A fatal error has occurred. Not all of the questions
that pertain to this system have been answered. Rerun
the interactive portion of Bastille on this system.
MODULE.QUESTION=AccountSecurity.cronuser
:/etc/opt/sec_mgmt/bastille #>
:/ #> swlist -l product -a revision | grep -i bastille
Bastille B.3.3.01
#>uname -a
HP-UX <vmhost> B.11.31 U ia64 1392496050 unlimited-user license
/etc/opt/sec_mgmt/bastille #>
please suggest
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-20-2012 03:19 AM
02-20-2012 03:19 AM
Re: bastille
but not sure if it is a simple procedure of swremove and then swinstall
pls suggest
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-20-2012 04:30 AM
02-20-2012 04:30 AM
Re: bastille
I would just do what it's suggesting: "Rerun the interactive portion of Bastille on this system."
How would I do this...
etc/opt/sec_mgmt/bastille #> bastille
NOTE: $DISPLAY not set. Attempting Curses interface.
NOTE: Using Curses user interface module.
NOTE: Only displaying questions relevant to the current configuration.
ERROR: Could not load the 'Curses.pm' interface module.This may be due to an
invalid $DISPLAY setting,or the module not being visible to Perl.
etc/opt/sec_mgmt/bastille #>
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-20-2012 05:36 AM
02-20-2012 05:36 AM
Re: bastille
Consider to download something like "mobaxterm" to your PC, run it and ssh to the server.
Hope this helps!
Regards
Torsten.
__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!
If you feel this was helpful please click the KUDOS! thumb below!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-20-2012 07:19 AM
02-20-2012 07:19 AM
Re: bastille
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-20-2012 07:23 AM
02-20-2012 07:23 AM
Re: bastille
you have still this message.
Hope this helps!
Regards
Torsten.
__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!
If you feel this was helpful please click the KUDOS! thumb below!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-20-2012 08:09 AM - edited 02-20-2012 08:12 AM
02-20-2012 08:09 AM - edited 02-20-2012 08:12 AM
Re: bastille
trying..but failing :-(
:/ #> export DISPLAY=`hostname`
:/ #> xhost + `hostname`
xhost: unable to open display "xxx-yyy-vmhost"
:/ #>
:/ #> export DISPLAY=`hostname`:0.0
:/ #> xhost +
xhost: unable to open display "xxx-yyy-vmhost:0.0"
:/ #>