Bastille_Drift - HP B2355-92068 Administration Manual

bastille_drift(1M)
NAME
bastille_drift - system configuration drift analyzer
SYNOPSIS
Path (Linux):
Path (HP-UX):
b
bastille_drift [--from_baseline [baseline] ]
bastille_drift [--save_baseline [baseline] ]

bastille_drift

DESCRIPTION
bastille_drift is a program for creating Bastille-configuration baselines and comparing the current state of
the system to a saved baseline. This enables the user to see what, if any, changes had occurred relative to
a saved baseline.
Note: When first run successfully, Bastille automatically saves a baseline in the default location (see
FILES below).
Here are the different operations for bastille_drift:
bastille_drift [--from_baseline [baseline] ]
Compare system state to specified (or default) baseline.
bastille_drift [--save_baseline [baseline] ]
Establish or update specified (or default) baseline.
bastille_drift
Compare system state to default baseline.
DIAGNOSTICS
The following are diagnostics for bastille_drift:
No Baseline exists with which to compare current state.
The default or specified baseline file doesn't exist. Either save a baseline to the named location, if
you'd specified one, or save a baseline to the default location.
Note: bastille will save a baseline to the default location on its first successful run.
Attempt to establish system state not successful.
bastille_drift ran bastille --assessnobrowser to establish system state, but the operation did not
succeed. The bastille_drift error log should contain enough detail to give the user sufficient informa-
tion to prevent reoccurrence.
Note that bastille_drift only detects a state change with regard to a configuration option manipu-
lated Bastille, at the same granularity as that covered by the original Bastille question. Also, in a
number of cases the input config will differ from the saved baseline. This is normal, and most often
involved either manual-action-required questions, questions that don't affect the system state, or cases
where no change was requested of Bastille, but bastille was able to detect and baseline the initial
state of the system.
Also, note that bastille baselines detect the configured state of the system. If only Bastille, SMH, or
SAM are used to configure the system, those will, usually coincide with the dynamic state of the
affected processes as well. In some cases, especially in the case of a manual file edit or configuration
change, bastille_drift may note a state different than the daemon.
Example: A user changed inetd.conf, but forgot to run inetd -c to ask inetd to reread its
configuration file.
If you need to be certain that the dynamic state matches the configured one, reboot the system.
DEPENDENCIES
Perl version 5.8.0 or greater, but 5.8.8 or greater is recommended for best performance.
100 Hewlett-Packard Company
($Date: 2007/06/14 22:10:10 $)
/usr/sbin
/opt/sec_mgmt/bastille/bin
− 1 −
HP-UX 11i Version 2: December 2007 Update
bastille_drift(1M)