Managing Systems and Workgroups: A Guide for HP-UX System Administrators
Administering a System: Managing System Security
HP-UX Bastille
Chapter 8 823
Interactive Configuration
CAUTION Since the interactive configuration uses an insecure GUI, it is important
that you review “Security Considerations” on page 816 before proceeding.
Bastille uses a series of questions, extracted from the file
/etc/sec_mgmt/bastille/Questions.txt, to prepare the configuration
file, /etc/sec_mgmt/bastille/config. The questions and explanations
relevant to HP-UX are displayed in Appendix B, “Configuring HP-UX
Bastille: Interview,” on page 963.
When you start Bastille, it displays the following messages:
# bastille
NOTE: Valid display found; defaulting to Tk (X) interface.
NOTE: Using Tk user interface module.
NOTE: Only displaying questions relevant to the current configuration.
If this is the first time, it displays the terms of use and asks you to accept
them.
...
You must accept the terms of this disclaimer to use
Bastille. Type "accept" (without quotes) within 5
minutes to accept the terms of the above disclaimer
>
Then, Bastille analyzes your system to determine the current lockdown
state and the questions that will result in increased lockdown.
NOTE: Bastille is scanning the system configuration...
If there is no configuration file, it prepares the questions with default
answers.
NOTE: Could not open config file /etc/opt/sec_mgmt/bastille/config, defaults
used.
If the configuration file exists, Bastille uses those answers as the initial
answers to the questions.
NOTE: Existing config file found. Populating answers...