HP B2355-92068 Administration Manual page 98

bastille(1M)
DIAGNOSTICS
$DISPLAY not set, cannot use X interface...
You explicitly asked for the X interface using the -x option, but the DISPLAY environment variable
was not set. Set the environment variable to the desired display to correct the problem.
System is in original state...
You attempted to revert the files that Bastille changes with the -r option, but there were no changes
to revert.
b
Must run Bastille as root
Bastille must run as the root user, since the changes it makes configure the machine.
Troubleshooting
Error messages that cite problems with opening, copying, or reading files usually relate to NFS file systems
that do not trust the root user on the local machine. Please see the options parameter in the fstab(4) man-
page for details. Errors that complain about individual configuration files indicate that a system has been
too heavily modified for Bastille to make effective changes, or that the files, locations, or permissions of the
Bastille installation directories have been changed.
If Bastille is unable to complete a lockdown, you should receive errors or warnings. Analyze the errors or
warnings to determine if your lockdown was successfully applied. You may use the --assess option to aid in
this diagnostic. Once the system state that caused the abort is fixed, run bastille again to complete the
lockdown. This helps avoid cases where an incomplete lockdown can contribute to an inconsistent system
configuration.
EXAMPLES
Example 1
Run the Bastille X interface. This will create a configuration file which can be run either immediately by
Bastille after you have answered all of the questions, or saved for later use in a config file. See the FILES
section below.
bastille
Example 2
Run Bastille in batch mode. This will take the answers that were created interactively and apply them to
the machine.
bastille -b
Example 3
Perform an audit of the system to determine the state of the security settings on it, and place it in the audit
log locations (specified below).
bastille --assessnobrowser
DEPENDENCIES
• Perl version 5.8.0 or greater, but recommend 5.8.8 or greater for best performance
• Perl/Tk version 8.00.23 or greater
• Perl/Curses version 1.06 or greater (on Linux only)
FILES
/etc/Bastille/config
/etc/opt/sec_mgmt/bastille/config
The config file contains the answers to the most recently saved session
/var/log/Bastille/error-log
/var/opt/sec_mgmt/bastille/log/error-log
The error log contains any errors that Bastille encountered while making changes to the system.
/var/log/Bastille/action-log
/var/opt/sec_mgmt/bastille/log/action-log
98 Hewlett-Packard Company
(Linux)
(HP-UX)
(Linux)
(HP-UX)
(Linux)
(HP-UX)
− 3 −
HP-UX 11i Version 2: December 2007 Update
bastille(1M)