Login or Register to Ask a Question and Join Our Community


Solaris

dfstab Security Questions

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Solaris dfstab Security Questions
# 1  
Old 02-22-2011
dfstab Security Questions
Hello,

I am in the middle of a security audit (Soalris 10) and have been given the following directives regarding my dfstab file:
  1. The SA will ensure the NFS server is configured to deny client access requests that do not include a userid.
  2. The SA will ensure access to exported filesystems is restricted to local hosts via the export configuration file.
My dfstab file looks like this:
Code:
share -F nfs -d "Eonstor" /raid0 #EonStor/Infotrend
share -F nfs -d "Excess" /raid1 #DotHil logical disk 2

Regarding item #1, I think it has something to do w/ the sec=<mode> option, but I can't say for sure.

Regarding item #2, the security report implied it was a dfstab problem because it showed the dfstab output as needing modification, but the verbiage suggests another file is involved.

Any help would be greatly appreciated. Thanks in advance.

Ken
Login or Register to Ask a Question

Previous Thread | Next Thread

5 More Discussions You Might Find Interesting

1. Solaris

Help with parsing regex in tripwire for Solaris 10 dfstab FQDN

Help with parsing regex in tripwire: the rule is" This test verifies that all exported file systems found in /etc/exports specify a fully qualified domain name containing "thecss.com" or a NIS netgroup.." regex that does not work is : ... (1 Reply)
Discussion started by: bathija12
1 Replies

2. Solaris

Help with parsing regex in tripwire for Solaris 10 dfstab

Help with parsing regex in tripwire: the rule is" This test verifies that exported file systems do not have the "root=<host>" option specified." regex that does not work is : ^.*-o+(?=root=\S+|\S+,root=\S+).* the dfstab looks like this : # cat /etc/dfs/dfstab # Place... (1 Reply)
Discussion started by: bathija12
1 Replies

3. Homework & Coursework Questions

Print questions from a questions folder in a sequential order

1.) I am to write scripts that will be phasetest folder in the home directory. 2.) The folder should have a set-up,phase and display files I have written a small script which i used to check for the existing users and their password. What I need help with: I have a set of questions in a... (19 Replies)
Discussion started by: moraks007
19 Replies

4. UNIX for Dummies Questions & Answers

Basic security questions

Hey guys, I've seen this posted a few times when i searched but I kinda want to know the cleanest way of doing it. On Solaris 8 and Solaris 9 What is the best way to disable telnet ssh1 and remote root login premanently? I've seen posts that say edit /etc/services edit this edit that... (3 Replies)
Discussion started by: kingdbag
3 Replies

5. UNIX for Dummies Questions & Answers

Updated /etc/dfs/dfstab

Solaris 8. So i updated dfstab and added computer2.acme.com i.e: share -F nfs rw=computer1.acme.com,computer2.acme.com /export/home how do I get the daemon to recognize the change, without kicking computer1.acme.com off? kill -HUP or /etc/init.d/nfsd stop /etc/init.d/nfsd start or... (1 Reply)
Discussion started by: benq70
1 Replies
Login or Register to Ask a Question

LEARN ABOUT REDHAT

audit_data

audit_data(4)							   File Formats 						     audit_data(4)

NAME

       audit_data - current information on audit daemon

SYNOPSIS

       /etc/security/audit_data

DESCRIPTION

       The  audit_data file contains information about the audit daemon. The file contains the process ID of the audit daemon, and the pathname of
       the current audit log file. The format of the file is:

	      pid>:<pathname>

       Where pid is the process ID for the audit daemon, and pathname is the full pathname for the current audit log file.

EXAMPLES

       Example 1: A sample audit_data file.

       64:/etc/security/audit/server1/19930506081249.19930506230945.bongos

FILES

       /etc/security/audit_data

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Obsolete			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       audit(1M), auditd(1M), bsmconv(1M), audit(2), audit_control(4), audit.log(4)

NOTES

       The functionality described on this manual page is internal to audit(1M) and might not be supported in a future release.

       The auditd utility is the only supported mechanism to communicate with auditd(1M). The current audit log can be determined by examining the
       configured audit directories. See audit_control(4).

       The  functionality described on this manual page is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for
       more information.

SunOS 5.10							    14 Nov 2002 						     audit_data(4)