RE: [Bastille-linux-discuss] RPM
This tool locks down Linux and UNIX systems.
Brought to you by:
jay
Menu
▾
▴
RE: [Bastille-linux-discuss] RPM
|
From: BUCK,KEITH (HP-FtCollins,ex1) <kei...@am...> - 2000-09-15 17:36:30
|
Patty wrote: > > Hi, Thanks for getting back to me. Actually, I have run Bastille > on machines after they were installed. I guess what I'm looking > for is instructions on how to turn the untared Bastille distribution > into an RPM so I can add it the post install part of my kickstart > script. > > I read the RPM-HOWTO and it looks to be alot of work. Guess I was > hoping someone could provide the spec file, header, prep, build, > etc. I could then taylor the source to my environment and > then build the package with RPM. First, a disclaimer: I've never built an RPM or used Kickstart, so I don't know if this will help or not. I thought that the ability to run Bastille from kickstart sounded neat, and I wondered why it required an RPM. I happen to have a RedHat reference guide sitting next to me on my desk, so I looked it up. There is a section in the kickstart file called %post, and in it you can run commands after the install is done. So, would it work to just stick the tarball on your install media (CD or floppy) or on a known network location (by IP, dns doesn't work yet). Then in the %post section you can run arbitrary commands, like cp /somewhere/Bastille.tgz /root cd /root tar xzf Bastille.tgz cd Bastille cp /somewhere/config . ./BackEnd.pl (or something similar) to implement your configuration of Bastille on your fresh out-of-the-box machine. I haven't tested this solution, but it seems like it might work and you don't even have to make an RPM. -Keith Buck Manageability Solutions Lab Hewlett-Packard |
