Section: Maintenance Commands (8)Updated: 10th May, 2001Local indexUp
NAME
InteractiveBastille - bastion a host using Bastille
SYNOPSIS
InteractiveBastille
DESCRIPTION
This manual page documents
InteractiveBastille
briefly.
This manual page was written for the Debian GNU/Linux distribution
InteractiveBastille
asks questions to the user in order to define what security measures
must be implemented on the current system. The intention is to both
educate administrators on security and harden the host's security.
The configuration file generated by
InteractiveBastille
is then used by
BastilleBackEnd
to make the changes to the local system if the administrator agrees
to run the changes. In any case, the same configuration can be used
to harden other (similar) hosts non-interactively using
AutomatedBastille.
OPTIONS
InteractiveBastille
uses the following options:
-x
Use the Perl/Tk (X11) GUI
(In Debian GNU/Linux this requires that the perl-tk package
is installed)
-c
Use the Curses (non-X11) GUI
(In Debian GNU/Linux this requires that the libcurses-perl package
is installed)
-T,
Test mode only, the questions in the database are tested but nothing is done.
--norequires
Ask all questions, even ones that do not apply.
-v
Verbose mode, actions are printed to the logs and to STDOUT.
-l
Log-only mode: no action is taken; only logs what changes would have been made.
-r PREFIX
All the filenames are prefixed with
PREFIX
(/etc/whatever becomes /PREFIX/etc/whatever). This option
could be used to commit changes to NFS filesystems, or file systems with
a different mount point than the current root (/) filesystem.
FILES
/etc/Bastille/config
Configuration file which defines all the security measures selected by
the administrator to be enabled.