Manualshelf

User's Manual

ManualsBrandsSolaris ManualsSoftwareCX-310-301
61626364656667686970
Solaris 9 Security CX-310-301 69
[NOTE] Copying /.profile from /opt/SUNWjass/Files/.profile.
=======================================================================
secure.driver: Finish script: print-jass-environment.fin
=======================================================================
JASS_ACCT_DISABLE
daemon bin adm lp uucp nuucp nobody smtp listen noaccess nobody4
smmsp
JASS_ACCT_REMOVE
smtp listen nobody4
JASS_AGING_MINWEEKS
[output truncated]
Updating an SST Run
SST should be run periodically to ensure that no changes made to the system have invalidated any of the
security modifications made when it was first run. This is definitely true if patches have subsequently been
installed which could undo some of the changes.
To update SST, simply run it again, or if you have created a modified script file to run, then execute the
modified one to install your own specific modifications.
Undoing SST
Each invocation of jass-execute creates a log of the run in the directory:
/var/opt/SUNWjass/run
To undo SST, enter the following command from the JASS directory and select the run, based on the fully
qualified date and time file that represents the jass run you want to undo:
# ./jass-execute –u
[NOTE] Executing driver, undo.driver
Please select a JASS run to restore through:
1. April 11, 2004 at 17:50:13 (//var/opt/SUNWjass/run/20040411175013)
Choice ('q' to exit)? 1
[NOTE] Restoring to previous run /var/opt/SUNWjass/run/20040411175013
====================================================
undo.driver: Driver started.
[output truncated]
This option is especially useful if you have installed patches, updated SST and then experienced problems
because you are able to backout only the latest changes, leaving all previous modifications intact.