User`s guide
Chapter 6. Hardening a Freeway Protogate Freeway Security Features User’s Guide (SFUG)
# For security:
# Add "TraceEnable Off" line to Apache config, if not already there
export AP_SCMD3="‘sed -e \"/^[Tt][Rr][Aa][Cc][Ee][Ee][Nn][Aa][Bb][Ll][Ee]
*
[Oo][Ff][Ff]/!d\" \
/usr/local/etc/apache22/httpd.conf |sed -e \"2,//d\"‘"
if [ "${AP_SCMD3}X" = "X" ]; then
if [ -f /read_only_mounts ]; then
mount -u -o rw /usr 2>/dev/null
fi
echo "TraceEnable Off" >> /usr/local/etc/apache22/httpd.conf
if [ -f /read_only_mounts ]; then
mount -u -o ro /usr 2>/dev/null
fi
fi
if [ ! -f /sbin/shutdown.wheel ]; then
if [ -f /read_only_mounts ]; then
mount -u -o rw / 2>/dev/null
fi
cp -p /sbin/shutdown /sbin/shutdown.wheel
chgrp wheel /sbin/shutdown.wheel
if [ -f /read_only_mounts ]; then
mount -u -o ro / 2>/dev/null
fi
fi
6.7. Enable Logging
Figure 6-7 shows how to configure and enable the syslogd daemon. See Chapter 3 for more details.
Figure 6-7. Configure and Enable the syslogd Daemon
export LOG_DIR="/var/log"
touch ${LOG_DIR}/all.log
touch ${LOG_DIR}/sra_err.log
touch ${LOG_DIR}/sra_notice.log
touch ${LOG_DIR}/sra_all.log
touch ${LOG_DIR}/sraweb_err.log
touch ${LOG_DIR}/sraweb_all.log
echo "
*
.
*
${LOG_DIR}/all.log" > /etc/syslog.conf
echo "local0.err ${LOG_DIR}/sra_err.log" >> /etc/syslog.conf
echo "local0.notice ${LOG_DIR}/sra_notice.log" >> /etc/syslog.conf
echo "local0.
*
${LOG_DIR}/sra_all.log" >> /etc/syslog.conf
echo "local1.err ${LOG_DIR}/sraweb_err.log" >> /etc/syslog.conf
echo "local1.
*
${LOG_DIR}/sraweb_all.log" >> /etc/syslog.conf
if [ -x /usr/sbin/syslogd ]; then
/usr/sbin/syslogd
fi
22 Protogate DC-908-3004A