Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 HP-UX Reference > B

bastille_drift(1M)

HP-UX 11i Version 3: February 2007
» 

Technical documentation

» Feedback
Content starts here

 » Table of Contents

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

NAME

bastille_drift — system configuration drift analyzer

SYNOPSIS

Path (Linux): /usr/sbin

Path (HP-UX): /opt/sec_mgmt/bastille/bin

bastille_drift [ --from_baseline [ baseline ] ]

bastille_drift [ --save_baseline [ baseline ] ]

bastille_drift

DESCRIPTION

bastille_drift is a program for creating Bastille-configuration baselines and comparing the current state of the system to a saved baseline. This enables the user to see what, if any, changes had occurred relative to a saved baseline.

Note: When first run successfully, Bastille automatically saves a baseline in the default location (see FILES below).

Here are the different operations for bastille_drift:

bastille_drift [ --from_baseline [ baseline ] ]

  • Compare system state to specified (or default) baseline.

bastille_drift [ --save_baseline [ baseline ] ]

  • Establish or update specified (or default) baseline.

bastille_drift

  • Compare system state to default baseline.

DIAGNOSTICS

The following are diagnostics for bastille_drift:

No Baseline exists with which to compare current state.

  • The default or specified baseline file doesn't exist. Either save a baseline to the named location, if you'd specified one, or save a baseline to the default location.

  • Note: bastille will save a baseline to the default location on its first successful run.

Attempt to establish system state not successful.

  • bastille_drift ran bastille --assessnobrowser to establish system state, but the operation did not succeed. The bastille_drift error log should contain enough detail to give the user sufficient information to prevent reoccurrence.

  • Note that bastille_drift only detects a state change with regard to a configuration option manipulated Bastille, at the same granularity as that covered by the original Bastille question. Also, in a number of cases the input config will differ from the saved baseline. This is normal, and most often involved either manual-action-required questions, questions that don't affect the system state, or cases where no change was requested of Bastille, but bastille was able to detect and baseline the initial state of the system.

  • Also, note that bastille baselines detect the configured state of the system. If only Bastille, SMH, or SAM are used to configure the system, those will, usually coincide with the dynamic state of the affected processes as well. In some cases, especially in the case of a manual file edit or configuration change, bastille_drift may note a state different than the daemon.

  • EXAMPLE: a user changed inetd.conf, but forgot to run inetd -c to ask inetd to reread its configuration file.

  • If you need to be certain that the dynamic state matches the configured one, reboot the system.

DEPENDENCIES

Perl version 5.61.E or greater, but we recommend 5.8.8 or greater for best performance.

FILES

/var/opt/sec_mgmt/bastille/baselines (HP-UX)

/etc/Bastille/baselines (Linux)

  • Default location for baselines if path not specified

/var/opt/sec_mgmt/bastille/baselines/default_baseline (HP-UX)

  • Default location for baseline if file not specified. This is also where Bastille stores an initial baseline here on its first successful run.

/var/opt/sec_mgmt/bastille/log/Assessment/Drift.txt (HP-UX)

  • Location of drift report/diff resulting from assessment

SEE ALSO

perl(1), bastille(1M).



bastille
  		 


bdf  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 1983-2007 Hewlett-Packard Development Company, L.P.