Section: Maintenance Commands (8)Updated: 10th May, 2001Local indexUp
InteractiveBastille - bastion a host using Bastille
This manual page documents
This manual page was written for the Debian GNU/Linux distribution
asks questions to the user in order to define what security measures
must be implemented on the current system. The intention is to both
educate administrators on security and harden the host's security.
The configuration file generated by
is then used by
to make the changes to the local system if the administrator agrees
to run the changes. In any case, the same configuration can be used
to harden other (similar) hosts non-interactively using
uses the following options:
Use the Perl/Tk (X11) GUI
(In Debian GNU/Linux this requires that the perl-tk package
Use the Curses (non-X11) GUI
(In Debian GNU/Linux this requires that the libcurses-perl package
Test mode only, the questions in the database are tested but nothing is done.
Ask all questions, even ones that do not apply.
Verbose mode, actions are printed to the logs and to STDOUT.
Log-only mode: no action is taken; only logs what changes would have been made.
All the filenames are prefixed with
(/etc/whatever becomes /PREFIX/etc/whatever). This option
could be used to commit changes to NFS filesystems, or file systems with
a different mount point than the current root (/) filesystem.
Configuration file which defines all the security measures selected by
the administrator to be enabled.