Friday, July 06, 2007

Disable C2 Security Audits on Solaris

Keep in mind that auditing takes a lot of disk space, so you will need to plan accordingly. Also, the audits are cryptic and may not be useful unless you have someone who understands them. If you weren't aware of the aforementioned, you might want to disable the Basic Security Module (BSM). Here's an example.

Go to single user state
# init s
# cd /etc/security
# ./bsmunconv
This script is used to disable the Basic Security Module (BSM).
Shall we continue the reversion to a non-BSM system now? [y/n] y
bsmunconv: INFO: moving aside /etc/security/audit_startup.
bsmunconv: INFO: restore /etc/rc2.d/S92volmgt.
bsmunconv: INFO: removing c2audit:audit_load from /etc/system.
bsmunconv: INFO: stopping the cron daemon.

The Basic Security Module has been disabled.
Reboot this system now to come up without BSM.
# init 6

No comments: