Has anyone got Bastille-linux running on Centos-5.6?
http://bastille-linux.sourceforge.net claims RHEL5 support but I ran
into problems running it on a Centos 5.6 test system.
First I had to "ln -s /usr/lib64/Bastille /usr/lib" just to get it to
run at all. Then I tried faking /etc/redhat-release with
Red Hat Enterprise Linux Server release 5.6
... but I get this (why would it want "HPSpecific.pm" !!!???:
[root at slice244:sting ~]# bastille --assessnobrowser
ERROR: Couldn't determine Red Hat version! Setting to 9!
ERROR: Couldn't determine Red Hat version! Setting to 9!
NOTE: Using audit user interface module.
Can't locate Bastille/API/HPSpecific.pm in @INC (@INC contains: /usr/lib
/usr/lib/perl5/site_perl//5.8.8 /usr/lib/perl5/site_perl/ /usr/lib/Bastille
/opt/sec_mgmt/bastille/lib /opt/sec_mgmt/bastille/lib/API
/usr/lib/perl5/site_perl/5.8.8 /usr/lib/perl5/site_perl
/usr/lib/perl5/site_perl/5.6.0/i386-linux
/usr/lib64/perl5/site_perl/5.8.8/x86_64-linux-thread-multi
/usr/lib64/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi
/usr/lib/perl5/vendor_perl/5.8.8 /usr/lib/perl5/vendor_perl
/usr/lib64/perl5/5.8.8/x86_64-linux-thread-multi /usr/lib/perl5/5.8.8) at
/usr/lib/Bastille/IOLoader.pm line 8.
BEGIN failed--compilation aborted at /usr/lib/Bastille/IOLoader.pm line 8.
Compilation failed in require at /usr/sbin/InteractiveBastille line 414.
Trying to force with "--os RHEL5" just gives the usage message!!!
<winge>
doncha just hate that? wouldn't hurt the developer to tell you what's
actually wrong rather than just the blummin usage message!!!
</winge>
Usage: bastille [ -b | -c | -x ] [ --os <version>] [ -f
<alternate config> ]
bastille [-r | -l | -h | --assess | --assessnobrowser ]
-b : use a saved config file to apply changes
directly to system
-c : use the Curses (non-X11) GUI, not available on HP-UX
-h : this help
-f : populate answers with alternate configuration file
-r : revert Bastille changes to original file versions (pre-Bastille)
-l : list the standard config file(s) (if any) that matches the last
run config
--os version : ask all questions for the given operating system
version. e.g. --os HP-UX11.11
-x : use the Perl/Tk (X11) GUI
--assess / -a : run Bastille in assessment mode, generating a report
and displaying it in a browser
--assessnobrowser : run Bastille in assessment mode, generating a
report with no browser
TIA
--
Bob Hepple <bhepple at promptu.com>
ph: 07-5584-5908 Fx: 07-5575-9550
On Fri, Jun 3, 2011 at 1:57 AM, Bob Hepple <bhepple at promptu.com> wrote:> http://bastille-linux.sourceforge.net claims RHEL5 support but I ran > into problems running it on a Centos 5.6 test system.It also claims that "Bastille UNIX release coming January 14th, 2008." ;-) Looks like abandon-ware, unfortunately. It was a good idea, really. BR Bent
On Thu, Jun 2, 2011 at 7:57 PM, Bob Hepple <bhepple at promptu.com> wrote:> Has anyone got Bastille-linux running on Centos-5.6?Nope, but I have a hardening document that I wrote up for an earlier version of Red Hat that might be applicable -- I incorporated the Bastille recommendations into my documentation rather than just running the package because I wanted to know what each thing was doing. Let me know if you'd like me to see if I can dig that up. Regards, M -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20110603/fae56cb7/attachment-0003.html>
On Fri, 3 Jun 2011 01:15:14 -0400 Meenoo Shivdasani <meenoo at gmail.com> wrote:> On Thu, Jun 2, 2011 at 7:57 PM, Bob Hepple <bhepple at promptu.com> wrote: > > > Has anyone got Bastille-linux running on Centos-5.6? > > > Nope, but I have a hardening document that I wrote up for an earlier version > of Red Hat that might be applicable -- I incorporated the Bastille > recommendations into my documentation rather than just running the package > because I wanted to know what each thing was doing. > > Let me know if you'd like me to see if I can dig that up. > > Regards, > > MThanks for that - it might be of general interest so why not!! If it's not too hard to find. Here's another one I found: http://www.puschitz.com/SecuringLinux.shtml Cheers Bob -- Bob Hepple <bhepple at promptu.com> ph: 07-5584-5908 Fx: 07-5575-9550