Has anyone got Bastille-linux running on Centos-5.6? http://bastille-linux.sourceforge.net claims RHEL5 support but I ran into problems running it on a Centos 5.6 test system. First I had to "ln -s /usr/lib64/Bastille /usr/lib" just to get it to run at all. Then I tried faking /etc/redhat-release with Red Hat Enterprise Linux Server release 5.6 ... but I get this (why would it want "HPSpecific.pm" !!!???: [root at slice244:sting ~]# bastille --assessnobrowser ERROR: Couldn't determine Red Hat version! Setting to 9! ERROR: Couldn't determine Red Hat version! Setting to 9! NOTE: Using audit user interface module. Can't locate Bastille/API/HPSpecific.pm in @INC (@INC contains: /usr/lib /usr/lib/perl5/site_perl//5.8.8 /usr/lib/perl5/site_perl/ /usr/lib/Bastille /opt/sec_mgmt/bastille/lib /opt/sec_mgmt/bastille/lib/API /usr/lib/perl5/site_perl/5.8.8 /usr/lib/perl5/site_perl /usr/lib/perl5/site_perl/5.6.0/i386-linux /usr/lib64/perl5/site_perl/5.8.8/x86_64-linux-thread-multi /usr/lib64/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.8 /usr/lib/perl5/vendor_perl /usr/lib64/perl5/5.8.8/x86_64-linux-thread-multi /usr/lib/perl5/5.8.8) at /usr/lib/Bastille/IOLoader.pm line 8. BEGIN failed--compilation aborted at /usr/lib/Bastille/IOLoader.pm line 8. Compilation failed in require at /usr/sbin/InteractiveBastille line 414. Trying to force with "--os RHEL5" just gives the usage message!!! <winge> doncha just hate that? wouldn't hurt the developer to tell you what's actually wrong rather than just the blummin usage message!!! </winge> Usage: bastille [ -b | -c | -x ] [ --os <version>] [ -f <alternate config> ] bastille [-r | -l | -h | --assess | --assessnobrowser ] -b : use a saved config file to apply changes directly to system -c : use the Curses (non-X11) GUI, not available on HP-UX -h : this help -f : populate answers with alternate configuration file -r : revert Bastille changes to original file versions (pre-Bastille) -l : list the standard config file(s) (if any) that matches the last run config --os version : ask all questions for the given operating system version. e.g. --os HP-UX11.11 -x : use the Perl/Tk (X11) GUI --assess / -a : run Bastille in assessment mode, generating a report and displaying it in a browser --assessnobrowser : run Bastille in assessment mode, generating a report with no browser TIA -- Bob Hepple <bhepple at promptu.com> ph: 07-5584-5908 Fx: 07-5575-9550
On Fri, Jun 3, 2011 at 1:57 AM, Bob Hepple <bhepple at promptu.com> wrote:> http://bastille-linux.sourceforge.net claims RHEL5 support but I ran > into problems running it on a Centos 5.6 test system.It also claims that "Bastille UNIX release coming January 14th, 2008." ;-) Looks like abandon-ware, unfortunately. It was a good idea, really. BR Bent
On Thu, Jun 2, 2011 at 7:57 PM, Bob Hepple <bhepple at promptu.com> wrote:> Has anyone got Bastille-linux running on Centos-5.6?Nope, but I have a hardening document that I wrote up for an earlier version of Red Hat that might be applicable -- I incorporated the Bastille recommendations into my documentation rather than just running the package because I wanted to know what each thing was doing. Let me know if you'd like me to see if I can dig that up. Regards, M -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20110603/fae56cb7/attachment-0003.html>
On Fri, 3 Jun 2011 01:15:14 -0400 Meenoo Shivdasani <meenoo at gmail.com> wrote:> On Thu, Jun 2, 2011 at 7:57 PM, Bob Hepple <bhepple at promptu.com> wrote: > > > Has anyone got Bastille-linux running on Centos-5.6? > > > Nope, but I have a hardening document that I wrote up for an earlier version > of Red Hat that might be applicable -- I incorporated the Bastille > recommendations into my documentation rather than just running the package > because I wanted to know what each thing was doing. > > Let me know if you'd like me to see if I can dig that up. > > Regards, > > MThanks for that - it might be of general interest so why not!! If it's not too hard to find. Here's another one I found: http://www.puschitz.com/SecuringLinux.shtml Cheers Bob -- Bob Hepple <bhepple at promptu.com> ph: 07-5584-5908 Fx: 07-5575-9550