User`s guide
Protogate Freeway Security Features User’s Guide (SFUG) Appendix A. Sample rc.startsra File
echo "host line already in audit file -- will not tamper with it..."
else
echo "host:${B_FWY_SERVERNAME}" >> /etc/security/audit_control
fi
# If audit_user file has not been altered by any user, then
# add default settings for the 2 initial login accounts.
if [ 5 = ‘cat /etc/security/audit_user |wc -l‘ ]; then
echo "#" >> /etc/security/audit_user
echo "# These lines have been added to this file by the" >> /etc/security/audit_user
echo "# /usr/local/freeway/boot.src/rc.startsra command script," >> /etc/security/audit_user
echo "# to configure auditing of the 2 originally-configured" >> /etc/security/audit_user
echo "# Freeway Monitor users. To alter these settings, you should add" >> /etc/security/audit_user
echo "# echo statements in /usr/local/freeway/boot.src/rc.startsra.local," >> /etc/security/audit_user
echo "# rather than edit either /etc/security/audit_user or" >> /etc/security/audit_user
echo "# /ro/etc/security/audit_user directly; using echo statements" >> /etc/security/audit_user
echo "# will ensure that your changes are not lost or altered" >> /etc/security/audit_user
echo "# by any subsequent Freeway or Monitor software install." >> /etc/security/audit_user
echo "# See the echo statements near the end of" >> /etc/security/audit_user
echo "# /usr/local/freeway/boot.src/rc.startsra for examples." >> /etc/security/audit_user
echo "#" >> /etc/security/audit_user
echo "# All users which should be audited must be added here." >> /etc/security/audit_user
echo "#" >> /etc/security/audit_user
echo "user:ex,ap,aa,lo,ad,na,fm,fd,fc,fw,-fr:no" >> /etc/security/audit_user
echo "freeway:ex,ap,aa,lo,ad,na,fm,fd,fc,fw,-fr:no" >> /etc/security/audit_user
echo "#" >> /etc/security/audit_user
fi
# For a description of the format of the /etc/security/audit_user file,
# run "man audit_user". For the available event types, see the
# /etc/security/audit_class and /etc/security/audit_event files.
# Here is an example of how the audit_warn file could be used to
# zip and copy each audit trail file when it becomes full.
# This is commented out, but could be copied to rc.startsra.local
# and uncommented.
# if [ 6 = ‘cat /etc/security/audit_warn |wc -l‘ ]; then
#
# echo "#" >> /etc/security/audit_warn
# echo "# Added by /usr/local/freeway/boot.src/rc.startsra:" >> /etc/security/audit_warn
# echo "#" >> /etc/security/audit_warn
# echo "# Compress and move audit trail files when they are full." >> /etc/security/audit_warn
# echo "#" >> /etc/security/audit_warn
# echo "export DATEDIR=\"\‘date -u -v ’-5S’ ’+%Y%m%d’\‘\"" >> /etc/security/audit_warn
# echo "if [ \"\$1\" = closefile ]; then" >> /etc/security/audit_warn
# echo " /usr/bin/touch /var/save/\${DATEDIR}.audit_records.zip" >> /etc/security/audit_warn
# echo " /sbin/chown root:audit /var/save/\${DATEDIR}.audit_records.zip" >> /etc/security/audit_warn
# echo " /sbin/chmod 600 /var/save/\${DATEDIR}.audit_records.zip" >> /etc/security/audit_warn
# echo " /usr/local/bin/zip -r /var/save/\${DATEDIR}.audit_records.zip \$2" \
>> /etc/security/audit_warn
## echo " /usr/bin/touch \$2.txt" >> /etc/security/audit_warn
## echo " /sbin/chown root:audit \$2.txt" >> /etc/security/audit_warn
## echo " /sbin/chmod 600 \$2.txt" >> /etc/security/audit_warn
## echo " /usr/sbin/praudit -d ’|’ \$2 > \$2.txt" >> /etc/security/audit_warn
## echo " /sbin/chmod 400 \$2.txt" >> /etc/security/audit_warn
Protogate DC-908-3004A 35