- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Recreating / .secure/etc/audnames file ?
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-16-2005 01:21 AM
02-16-2005 01:21 AM
Recreating / .secure/etc/audnames file ?
We have a superdome based system that has been set up as a trusted system. My problem is that there are no files in /.secure/etc
Therefore sam bombs out if you try to start any form of auditing. If I have read thin gs correctly those files are created when the system is converted to trusted mode. Is there anyway of recreating those files (in particular audnames) without unconvering the system then reconverting it again ?
Sorry if I've missed something obvious here...all new territory to me :-)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-16-2005 01:27 AM
02-16-2005 01:27 AM
Re: Recreating / .secure/etc/audnames file ?
Sure you can create them manually but I would suggest you create a separate filesystem for /.secure as it can grow *quite* large & you wouldn't want to fill /
The default structure is as follows:
./secure
./secure/etc
./secure/etc/audfile1
./secure/etc/audfile2
HTH,
Jeff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-16-2005 01:29 AM
02-16-2005 01:29 AM
Re: Recreating / .secure/etc/audnames file ?
/.secure/etc/audnames
will look like
/.secure/etc/audfile1,1000
/.secure/etc/audfile2,2000
Of course your mileage can vary - make them an appropriate size of course.
Rgds,
Jeff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-16-2005 01:57 AM
02-16-2005 01:57 AM
Re: Recreating / .secure/etc/audnames file ?
Look at the mnpage of audsys
To make sure it isnt running do
audsys -f
Then you can restart auditing (be careful to choose adequate files/sizes or see man audsys):
cd /.secure/etc
audsys -n -c aud2 -s 1000 -x aud3 -z 1000
Note:You can check /etc/rc.config.d/auditing and use the arguments specified for audsys -n if they exist,
cat /etc/rc.config.d/auditing
[....]
PRI_AUDFILE=/.secure/etc/audfile2
PRI_SWITCH=1000
SEC_AUDFILE=/.secure/etc/audfile3
SEC_SWITCH=1000
Thencheck that /.secure/etc/audfile* are written to.
Steve Steel
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-16-2005 02:33 AM
02-16-2005 02:33 AM
Re: Recreating / .secure/etc/audnames file ?
Sorry if it seems such a simple question :-)
Thanks for your time and patience.
Cheers
James