From: Jonathan Williams (jonathw@shubertorg.com)
Date: Tue Jan 06 2004 - 11:13:38 EST
Here is the situation. A while ago I enabled C2 security on all my alpha boxes
(ES40 5.1b patchkit 3). Everything is working fine. The other day I wanted to
setup auditing on one of these systems. I went through the sysman wizard to set
this up. The very first thing it said was that it had to add parameters to the
kernel to support auditing. So it did some stuff, rebuilt the kernel and then I
restarted the server. I never actually continued and setup the auditing.
Now, I want to remove these kernel changes that the auditing wizard added. I
placed a call to HP to find out what I had to remove, and they said to remove
the OSFC2SEC540 subset. They said this will also remove the C2 security. I
don't want to remove the C2 security. My question is...how can it be that I
have to remove this subset to remove the auditing stuff, when this subset has
been installed for a long time. It would seem that if this subset is all that
is involved in auditing, then the kernel should have had everything it needed
(from the past enabling of C2 security).
So is this information correct, or is there something completely different that
needs to be done to undo what the auditing wizard did. Thanks for any info.
Jonathan Williams
Unix Systems Administrator
The Shubert Organization, Inc.
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:49:47 EDT