Rechercher une page de manuel
msec
Langue: en
Version: 66208 (mandriva - 22/10/07)
Section: 8 (Commandes administrateur)
NAME
msec - Mandriva Linux security toolsSYNOPSIS
msec ([-o <option>=<value>...]) ([0-5])DESCRIPTION
msec is the main script of the msec package. It enables the system administrator to change the security level for that system. msec is provided with six preconfigured security levels. These levels range from poor security and ease of use, to paranoid config, suitable for very sensitive server applications.You must be root to run msec.
Launch "msec x" to set you security level to x (x=[0-5]). It'll modify your system according to security level x features. Called without argument, it will enforce the current security level without lowering security.
All the changes are logged to syslog(8) at the AUTH facility when called non interactivelly (by cron for example) or at the LOCAL1 facility when called interactivelly (on the command line or from Mandriva Linux Control Center for example).
For a fine description of each security level, consult the documentation under /usr/share/doc/msec-*/security.txt.
If you want to make changes to the current level, use /etc/security/msec/perm.local to override the permissions/owners/groups (use the same syntax as /usr/share/msec/perm.* or use the drakperm graphical utility) and /etc/security/msec/level.local to override the rules (see mseclib(3) for details or use the draksec graphical utility).
Available options:
- -o all-local-files=<value>
- if <value> is 1, consider that all the files are local.
- -o log=<value>
- if <value> is different of syslog do not log to syslog but to the standard error output.
- -o nolocal=<path>
- do not load the /etc/security/msec/level.local rules.
- -o non-local-fstypes=<value>
- <value> is a list of non local file system types separated by spaces.
- -o print=<value>
- if <value> is equal to 1, output the default values of the rules.
- -o root=<path>
- use <path> as the root of the file system.
FILES
/usr/sbin/msecThe msec executable (sh script)
/var/lib/msec/security.conf
Contains the configuration of the current active security level. These settings can be overridden in /etc/security/msec/security.conf.
SEE ALSO
mseclib(3), draksec, drakpermAUTHOR
Vandoorselaere Yoann, MandrivaContenus ©2006-2024 Benjamin Poulain
Design ©2006-2024 Maxime Vantorre