WEB HOSTING Y DISEñO DE PÁGINAS WEB

/etc/security/bsmconv

This script is used to enable the Basic Security Module (BSM).

Shall we continue with the conversion now? [y/n] y

bsmconv: INFO: checking startup file.
bsmconv: INFO: move aside /etc/rc3.d/S81volmgt.
bsmconv: INFO: turning on audit module.
bsmconv: INFO: initializing device allocation files.

The Basic Security Module is ready.
If there were any errors, please fix them now.
Configure BSM by editing files located in /etc/security.

Reboot this system now to come up with BSM enabled.

# vi /etc/security/audit_control


dir:/var/audit
flags:lo,ad
naflags:lo,ad
#
#    lo - login/logout events
#    ad - administrative actions: mount, exportfs, etc.
#    pc - process operations: fork, exec, exit, etc.
#    fc - file creation
#    fd - file deletion
#    fm - change of object attributes: chown, flock, etc

vi /etc/security/newauditlog.sh

#!/sbin/sh

#
# newauditlog.sh - Start a new audit file and expire the old logs

PATH=/usr/bin:/usr/sbin
#
# If the disk space isn't sufficient to retain logs on a month, # lower
this value from 30 to 7

AUDIT_EXPIRE=30 

AUDIT_DIR="/var/audit"

LOG_DIR=/var/audit/logs

for i in `ls ${AUDIT_DIR} | grep -v not_terminated | grep -v logs`
do
compress ${AUDIT_DIR}/${i}
mv ${AUDIT_DIR}/${i}.Z ${LOG_DIR}/${i}.Z
done

# Delete old log files

cd ${AUDIT_DIR} # in case it is a link
find . ${LOG_DIR} -type f -mtime +${AUDIT_EXPIRE} \
-exec rm {} > /dev/null 2>&1 \;
exit 0


chmod 500 /etc/security/newauditlog.sh

Regresar