User`s guide
Appendix A. Sample rc.startsra File Protogate Freeway Security Features User’s Guide (SFUG)
## echo " /usr/local/bin/zip -r /var/save/\${DATEDIR}.audit_records.zip \$2.txt" \
>> /etc/security/audit_warn
## echo " /sbin/rm -f \$2.txt" >> /etc/security/audit_warn
# echo "fi" >> /etc/security/audit_warn
#
# fi
# Start the kernel-level audit daemon.
/usr/sbin/auditd
# Add posixrules file to prevent creating unnecessary audit records
if [ -f /usr/share/zoneinfo/posixrules ]; then
echo "posixrules file exists."
else
if [ -f /read_only_mounts ]; then
mount -u -o rw /usr 2>/dev/null
fi
mkdir /usr/share/zoneinfo
chmod 755 /usr/share/zoneinfo
touch /usr/share/zoneinfo/posixrules
chmod 444 /usr/share/zoneinfo/posixrules
if [ -f /read_only_mounts ]; then
mount -u -o ro /usr 2>/dev/null
fi
fi
# Allow final local configuration overrides or additions
# (adding lines to /var/crontab, for example).
# rc.startsra.local2 can be created by customers to customize
# a specific Freeway, just like rc.startsra.local can,
# without the risk of being overwritten by the next software
# upgrade -- because software upgrades will not overwrite
# any rc.startsra.local
*
file.
if [ -f /tmp/boot/rc.startsra.local2 ]; then
. /tmp/boot/rc.startsra.local2
fi
# Add line to force close/reset of audit file now and every midnight
/usr/sbin/audit -n
if /usr/bin/grep -- "^[^#]
*
bin\/audit -n" /etc/crontab >/dev/null; then
echo "Audit file refresh command exists -- will not add again..."
else
echo "0 0
* * *
root /usr/sbin/audit -n" >> /etc/crontab
fi
# Allow logins
rm -f /var/run/nologin
##---------------- end of rc.startsra file ------------------------------
36 Protogate DC-908-3004A