Operating System - HP-UX
1833875 Members
1962 Online
110063 Solutions
New Discussion

Bastille error in /etc/nsswitch.conf and trusted mode

 
robert fowler_1
Advisor

Bastille error in /etc/nsswitch.conf and trusted mode

Hi

i am running bastile on 15 hp-ux11i systems some sytems work fine but some come back with the error below.

I have eddited the nsswitch.conf and it only references dns and files. Anyone know what the problem is ???

---------------------------------
Trusted Systems:
---------------------------------
Bastille found a possible conflict between trusted mode and /etc/nsswitch.conf. Please remove all references to "compat", "nis" and "ldap" in /etc/nsswitch.conf and rerun Bastille, or use SAM to
- convert to trusted mode
- set trusted mode password policies
- enable auditing

The security settings can be modified by running SAM as follows:
# sam
2 REPLIES 2
Steven E. Protter
Exalted Contributor

Re: Bastille error in /etc/nsswitch.conf and trusted mode

You've tried copying the nsswitch.conf file from a working trusted system to one that gets the error.

Then you re-ran Bastille and still go the error.

If this is true, it may be a bug. Whether or not you have a support contract, HP probably wants to hear about any bugs in this release, which they ported.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Keith Buck
Respected Contributor

Re: Bastille error in /etc/nsswitch.conf and trusted mode

Did the timestamp relating to the TODO item correspond to the first run of Bastille or the second? Since the TODO list is a list of things that were either too hard or inadvisable to automate, the automation support is minimal :(

Bastille never deletes a TODO item from the list, so it's possible that it is just leftover from the previous run.

You could try moving the current TODO.txt out of the way and then re-running bastille -b and see if the message is still there.

Hope that helps.

-Keith