can anyone help me out here? i've installed JASS 4.0.2 and SSH but my application requires ftp to be running.... how can i enable it? Thanks

Hi, Just wondering if there is a way to preserve ownership/group/permission when copying file using JASS_FILES variable?

I would like to have my custom driver exit with a non-zero exit code after it's done (or right away if that's the only way). Is that possible? No matter how many logError's I create, jass-execute always returns return code 0 when it's done. What should I call (or set) to allow ...

We are wanting to setup multiple v100's for our DHCP installation. We will be rolling it out first of year. Does anyone have any suggestions for creating the JASS driver to setup only DHCP service, and of course SSH since these will be in various locations across the domain? Any help will ...

I'm trying to grab the latest JASS file so that I can start working on a Solaris 10 jumpstart, however, I've tried downloading it with multiple versions of FireFox, and the file isn't right. The end result is 15 bytes. Now trying IE, it can't even find the file. Anyone else have any ...

I have migrated from JASS 0.3.11 to JASS 4.2. The JASS environment vatiables do not seem to work in the new version. For example, the variables JASS_LOG_FAILURE and JASS_LOG_NOTICE were by default set in the old version and NOTE/FAIL/PASS messages were generated when an audit was performed. ...

Hi. I have downloaded Solaris Security Toolkit 4.2 package, English from Sun Downloads. When trying to install I get: osiris:/soft% pkgadd -d SUNWjass pkgadd: ERROR: attempt to process datastream failed - open of <SUNWjass> failed, errno=2 pkgadd: ERROR: could not process datastream ...

Hi, I'm currently working on a closed-end system ( several SunFire V240's) that are not allowed to be connected to the Internet. I want to ensure that my servers all have the latest applicable patches, so I decided to download and install PatchManager. However, when running the command ...

In NSA's Manual-130, there is a proceedure that says in order to "declassify" RAM that has been in a secure area, you either destroy it, or write to in every memory loacation, with 1's and then 0's and then a random character. I have looked but have not found how to do this for a ...

There is an aim to establish tunnel 10.0.2.108 (Solaris Host) - 10.0.1.108 (Solaris Gateway) < - > 10.0.1.109 (FreeBSD Gateway) - 10.0.1.109 (FreeBSD Host).If Solaris-Gateway is Initiator and FreeBSD-Gateway is Responder then -> all ok. But if FreeBSD is Initiator there is touble on ...

hi. i'm new on this ( Solaris ) .. could someone help me one this ..When someone telnet to my Solaris Server . it doesn't create a log files .. that soppose system do .. the system only loggin when user su - to root account .. here are my syslog.conf .. # more /var/adm/messages# more ...

Dear all, the user "abc" wants to change her password but failed with the error msg shown below:$ passwd abcEnter existing login password: This password differs from your secure RPC password.Please enter your old Secure RPC password: New Password: Re-enter new Password: Permission ...

Hi, I was wondering if anyone has had the problem I'm having or knows how to fix it. I need to audit one of our servers at work. I turned on BSM auditing and modified the audit_control file to only flag the "lo" class(login/outs) then I rebooted. I viewed the log BSM created and it ...

Is there any patch management tool from solaris or third party can remotely scanning a solaris box and determin which patches are missing on the box? (Something like Microsoft MSBA)?Thanks in advance.

Hi,It seems as if BSM only audits events initiated by logged-in users. What I mean is that no audit trails are generated for a OS account's actions done by a start script upon reboot even if naflags is set to "all".Have I understood this correctly? any comments?BRDavid ...

Has any one had experience about Anti-virus software on Solaris?I thought anti-virus software was for PC only. But recently I heard something like McAfee VirusScan Command Line Scanner for Solaris. Has any one tried that?Any other anti-virus product that is good for Solaris?Thanks in ...

I'm looking for a RADIUS PAM module to use with Solaris 9 SPARC. Does anyone have any experience, recommendations?PM

Hi, sorry for this duplicate and ignorance if many people have asked already and this is common FAQ issue. In that case, please suggest the URL and if any better DL, please suggest me it as well.I am now trying to establish ipsec connections using certificate based authentication. I run the ...

Hi,Problem: (Solaris OE - 5.8)I want to create a user - "user1" who would be able to kill other normal users' shell process to log them out forcefully. For this he will su into a role - "killuser". This role has been assigned with a profile - "Killuser". The ...

Hi,Problem: (Solaris OE - 5.8)I want to create a user - "user1" who would be able to kill other normal users' shell process to log them out forcefully. For this he will su into a role - "killuser". This role has been assigned with a profile - "Killuser". The ...

Does any paper or document that describes how to using certificate based authentication ?+Kiyoshi

I would like to know if the Solaris Sunscreen 3.2 firewall supports PAT (Port Address Translation)?

As I can liberate the access to the command su only for some users? Blocking excessively.Thanks

Hello,I'm looking for a possibility to log the arguments of a command in acct. Sample : If I execute the following comand : $> rm -rf sample_diracct will only log "rm", while I'd like to have the whole command, meaning "rm -rf sample_dir"Thanks in advance,Fabrice ...

Hi all, hoping you can help me and I'm fairly new to Solaris. We have a production email server running Solaris 10. The server itself is a Sun Netra T1 200. The other day, it rebooted on it's own. After checking the syslog message I found out that the reboot was caused by a kernel ...

I am trying to find a way to setup an automatic IPSec keyed connection between Solaris, and Linux. From this forum, what I understand is we can do IKE on the Solaris, and Racoon on the Linux. I want to do the simplest IPSec connection with automated Key using these two. My are questions in ...

Hello allI've been reading some stuff concerning root passwords. In the passwd command man page it is said that the root account can bypass the validations such as password length, number of alphabetic caracters, etc (defined in /etc/default/passwd file). I have installed Solaris 10 and it is ...

I want to automatic log input command to a file.for example:the user 'test'input a 'rm -rf /data' command.the system can log the user,date and command to a file.So i can find who destroy or delete my data.Please help me.Thanks and Best Regards ! ...

When i use patchadd this error shows:#patchadd 112963-15Verifying signed patch <112963-15>... ERROR: Unable to open keystore </var/sadm/security/patchadd/truststore> for reading ERROR: Unable to lock keystore </var/sadm/security> for exclusive accessSignature invalid on signed ...

Hi,I got a problem that you might able to help meLast week, I installed the latest pactches on my Sun Machine and run a "Fix-modes" to correct variuos ownership and permission issue with files throughtout the Solaris OS file system.After that, I can't use "pg" command tool ...

Hi,Patches are provided for Solaris 8-10. i have a number of Solaris 7 prod boxes. anyone else in the same boat.Alert Id 102178CheersRob

Hola!For many years now, my organization has been a loyal Solaris customer. And while we still have issues with the default setup we have been able to get by with information from the blueprint articles and the tools (a big thanks to Alex Noordergraaf, Keith Watson, and Glenn Brunette!). In ...

I have this problem in the UNIX server I'm login from my PC to the server by telnet ?error transferring print job 552Check queue for (pr5@nksubs)this is information from excuting lpstat command :printer nksubs unknown state. enabled since May 22 13:53 2004. available.Remote Name: pr5Remote ...

I'm trying to setup my TSOL 8 12/02 workstation so that all users can access a memory stick.Through the command line I can mount the memory stick using the command : mount -F pcfs /dev/dsk/c1t0d0s0 /dev/usb/usb0however i have to do this in a privelaged shell otherwise I get the error Could not ...

We are creating a system that needs to be delivered to a customer. In the past, we would use a flash archive to deliver the images to the customer so they could install it on their own systems. What would be the best delivery method with TSol?

I installed Trusted Solaris Certified Edition and the window manager displayed "Certified Edition" at the far right on the trusted stripe but I later re-installed and now the window manager displays 齆ot Licensed?

I'm running Trusted Solaris 8 7/03 on a Sunfire v210.I continuously receive the following error message in /var/adm/messagesOct1 11:21:15 alpha auditwrite(3)[21457]:[ID 652923 user.alert] aborted:aw_errno = 4 = audit(2) failed, errno = 9 = Bad file numberI have not placed any ...

I upgraded and did a fresh install of Sun Ray Server 3.0 on TSOL 8 7/03 and I had it configure the default httpd server for Web Admin use. However upon boot it's not starting httpd due to some permission errors. Any body else have this problem? What are good permission settings for ...

Has anyone ever seen an issue on a NIS + server that does not allow new users to be properly created within SMC on TSOL 8? I have to reboot to solve the issue? Also, has anyone ever rebooted a NIS+ server in a Sun Ray environment while users are logged in? Does it Kill there sessions?

How can I connect to a single unlabeled host (a MS Windows box) from multiple labels?I have tsol setup with several compartments at the same sensitivity level. There is a MS Windows box on the network containing services that users from all compartments at this level need to connect to. I've ...

Hi ,Whats the diference between Standard Soalris 10 and Trusted Solaris 10 ?I think, in the past the standard version of Solaris have been evaluated but at lower levels -- could you please tell me if the standard Solaris 10 has been or is in the process of being evaluated for Common Criteria ...

I am trying to create a custom jumpstart that would restore the system back to its freshly installed state. Unfortunately, the collective size of ufsdump of all partitions came out to be larger than 700MB, so, a CD would not do, but a DVD would be great. But then, I run into the problem of VTOC ...

I want to now if and how I can configure 2 xntpd process at the same time.I have TSOL 8 703 with 2 network cards one is card is locked down to high class and the other one is locked down to low class.I want to run a xntpd client at high class and anouther xntpd server at low class.The high ...

Have a stupid question for anyone that can help.... I have installed Netscape 7.0 and do not have any problems using it. I have also installed Adobe Reader 7.0, again the application itself runs fine with no problems. The TSOL environment is very simple. Java 1.5.0.3 is loaded as well, (along ...

Currently, the globe control icon on front panellaunches netscape and I want to switch it tolaunch firefox instead. What files need to be modifiedfor this to happen?Thanks,

Hi!I'm a researcher writing a thesis on MLS technology. I'm not a Trusted Solaris user, so many questions may sound silly.I would like to know if the root account on a Trusted Solaris can change the label of a file or directory. Is root still the all-powerfull, super-user account?Thanks!Maxi ...

Hi everyone,Due to security reasons, we've been asked to look for more secured systems than 'plain' Solaris. That's how I discovered Trusted Solaris.I've read quite a few pages on it, and still have some questions that could not be answered, and I hope you could bring me answers, or at ...

Hello,Thinking to migrate to TS, I have a few questions about accounting on this system.On Solaris 8, accounting only logs commands, and not their parameters. For exemple, <div class="pre"><pre>$> rm -rf /</pre></div>would only be logged as<div ...

Hi,I have several java processes running as 'nobody' with a SECRET label. A standard 'ps -ef' from a SECRET workspace finds the processes, but not pgrep java or pgrep -U nobody I've tried several combinations of parameters and it seems pgrep must not be running at the right label. Is this ...

Hi all,I have a couple of scripts that I need to run in ADMIN_HIGH or even ADMIN_LOW. I need access to all directories and files under /. I am new to trusted solaris so I would like to ask some help in understanding as to how I can launch a shell script from cron in priviledged mode. I modified ...