bsmconv(1M)

NAME

     bsmconv, bsmunconv - enable or disable  the  Basic  Security
     Module (BSM) on Solaris

SYNOPSIS

     /etc/security/bsmconv [rootdir...]

     /etc/security/bsmunconv [rootdir...]

DESCRIPTION

     The bsmconv and bsmunconv scripts are used to enable or dis-
     able  the  BSM  features  on  a Solaris system. The optional
     argument rootdir is a list of one or more  root  directories
     of  diskless  clients  which have already been configured by
     way of the Host Manager, see admintool(1M)

     To enable or disable BSM on a diskless client, a server,  or
     a  stand-alone  system,  logon  as  super-user to the system
     being converted and use the bsmconv  or  bsmunconv  commands
     without any options.

     To enable or disable BSM on  a  diskless  client  from  that
     client's  server,  logon to the server as super-user and use
     bsmconv, specifying the  root  directory  of  each  diskless
     client you wish to affect. For example, the command:

     myhost# bsmconv /export/root/client1 /export/root/client2

     enables BSM on the two machines named client1  and  client2.
     While the command:

     myhost# bsmconv

     enables BSM only on the machine  called  myhost.  It  is  no
     longer  necessary  to  enable BSM on both the server and its
     diskless clients.

     After running bsmconv the system can be configured by  edit-
     ing the files in /etc/security. Each diskless client has its
     own copy of configuration files in its root  directory.  You
     might want to edit these files before rebooting each client.

     Following the completion  of  either  script,  the  affected
     system(s) should be rebooted to allow the auditing subsystem
     to come up properly initialized.

FILES

     The following files are created by bsmconv:

     /etc/security/device_maps
           Administrative file defining  the  mapping  of  device
           special files to allocatable device names.

     /etc/security/device_allocate
           Administrative file  defining  parameters  for  device
           allocation.

ATTRIBUTES

     See attributes(5) for descriptions of the  following  attri-
     butes:

     ____________________________________________________________
    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    |_____________________________|_____________________________|
    | Availability                | SUNWcsr                     |
    |_____________________________|_____________________________|

SEE ALSO

     admintool(1M),         auditconfig(1M),          auditd(1M),
     audit_startup(1M),  audit.log(4),  audit_control(4),  attri-
     butes(5)
Man(1) output converted with man2html