Navigation

Understanding the Software Components

This entry was posted in Networking, Solaris Administration and tagged , , on June 17, 2012, by

This section provides an overview of the structure of the Solaris Security Toolkit software components. The Solaris Security Toolkit software is a collection of files and directories. FIGURE 1-1 shows an illustration of the structure.

 

FIGURE 1-1 Software Component Structure

Diagram illustrating the structure of software components.

 

The following program or command files are in the /bin directory:

  • add-client – JumpStart helper program for adding clients into a JumpStart environment
  • rm-client – JumpStart helper program for removing clients from a JumpStart environment
  • make-jass-pkg – Command that provides the ability to create a Solaris OS package from the contents of the Solaris Security Toolkit directory, to simplify internal distribution of a customized Solaris Security Toolkit configuration
  • jass-check-sum – Command that provides the ability to determine if any files modified by the Solaris Security Toolkit software have been changed, based on a checksum created during each Solaris Security Toolkit run
  • jass-execute – Command that executes most of the functionality of the Solaris Security Toolkit software

Directories

The components of the Solaris Security Toolkit architecture are organized in the following directories:

  • /Audit
  • /bin
  • /Documentation
  • /Drivers
  • /Files
  • /Finish
  • /lib
  • /man
  • /OS
  • /Packages
  • /Patches
  • /Profiles
  • /Sysidcfg

Each directory is described in this section. Where relevant, each script, configuration file, or subdirectory is listed, and references to other chapters are provided for detailed information.

The Solaris Security Toolkit directory structure is based on the structure in the Sun BluePrints book JumpStart Technology: Effective Use in the Solaris Operating Environment.

Audit Directory

This directory contains the audit scripts that evaluate a system’s compliance with a defined security profile or set of audit scripts. The scripts in this directory are organized into the following categories:

  • Disable
  • Enable
  • Install
  • Minimize
  • Print
  • Remove
  • Set
  • Update

For detailed listings of the scripts in each of these categories and descriptions of each script, refer to the Solaris Security Toolkit 4.2 Reference Manual.

Documentation Directory

This directory contains text files with information for the user, such as README, EOL_NOTICE, and INSTALL files.

man Directory

This directory contains subdirectories for the sections of man pages for commands, functions, and drivers. This directory also contains the windex file, which is an index of the commands and is provided as a courtesy.

For more information about these man pages, refer to the actual man pages or to the Solaris Security Toolkit 4.2 Man Page Guide.

Drivers Directory

This directory contains files of configuration information specifying which files are executed and installed when you run the Solaris Security Toolkit software. This directory contains drivers, scripts, and configuration files.

The following is an example of the drivers and scripts in the Drivers directory:

  • audit_{private|public}.funcs
  • common_{log|misc}.funcs
  • {config|hardening|secure}.driver
  • driver.{init|run}
  • driver_{private|public}.funcs
  • finish.init
  • server-{config|hardening|secure}.driver
  • suncluster3x-{config|hardening|secure}.driver
  • sunfire_15k_sc-{config|hardening|secure}.driver
  • undo.{funcs|init|run}
  • user.init.SAMPLE
  • user.run.SAMPLE

All drivers included with the Solaris Security Toolkit have three files for each driver:

  • name-{config|hardening|secure}.driver

These three files are indicated in brackets in the previous lists, for example, sunfire_15k_sc-{config|hardening|secure}.driver. These files are listed for completeness. Use only the secure.driver or name-secure.driver when you want to execute a driver. That driver automatically calls the related drivers.

The Solaris Security Toolkit architecture includes configuration information to enable driver, finish, and audit scripts to be used in different environments, while not modifying the actual scripts themselves. All variables used in the finish and audit scripts are maintained in a set of configuration files. These configuration files are imported by drivers, which make the variables available to the finish and audit scripts as they are called by the drivers.

The Solaris Security Toolkit software has four main configuration files, all of which are stored in the Drivers directory:

  • driver.init
  • finish.init
  • user.init
  • user.run

The user.run file provides a location for you to write replacement or enhanced versions of Solaris Security Toolkit functions, which are automatically used if present.

Leave a Reply

Your email address will not be published. Required fields are marked *

Login




Recent Posts

Tags

Containers DHCP ESX FAQ Jass Jumpstart LVM NFS NIC NIS Oracle Predictive QLx40xx QLx40xx FCode RAID RAID-Z redhat Runlevels Samba SAN boot Sar Scenarios Securing Systems Security Toolkit software Self-Healing Services SMF Software Companents Solaris Solaris + Emulex HBA Solaris 10 solaris 10 boot from SAN Solaris 10 OS Solaris zone Solaris Zones Sun Sun Microsystems SVM swap VCS Volume Manager VXVM ZFS Zone Zones

Quick Links

Copyright 2017 ©Aceadmins. All rights reserved.