| Previous | Table of Contents | Next |
To run ASET interactively:
The following example runs ASET at low security with the default working directory. Notice that if you run the aset command with no arguments, the default is to run at low security level:
# /usr/aset/aset
======= ASET Execution Log =======
ASET running at security level low
Machine = castle; Current time = 1015_13:45
aset: Using /usr/aset as working directory
Downgrading security level:
Previous level = high; Current level = low
Executing task list ...
firewall
env
sysconf
usrgrp
tune
cklist
eeprom
All tasks executed. Some background tasks may still be running.
Run /usr/aset/util/taskstat to check their status:
/usr/aset/util/taskstat [aset_dir]
where aset_dir is ASET's operating directory,currently=/usr/aset.
When the tasks complete, the reports can be found in:
/usr/aset/reports/latest/*.rpt
You can view them by:
more /usr/aset/reports/latest/*.rpt
# /usr/aset/util/taskstat
Checking ASET tasks status ...
Task firewall is done.
The following tasks are done:
firewall
The following tasks are not done:
env
sysconf
usrgrp
tune
cklist
eeprom
# cd /usr/aset/reports/latest
# ls
env.rpt firewall.rpt taskstatus usrgrp.rpt
execution.log sysconf.rpt tune.rpt
# more env.rpt
*** Begin Enviroment Check ***
Warning! umask set to umask 022 in /etc/profile - not recommended.
chmod: WARNING: can't access /tmp/tmppath.24379
Ambiguous output redirect
Can't open /tmp/tmppath.24379
Can't open /tmp/tmppath.24379
Can't open /tmp/tmppath.24379
Can't open /tmp/tmppath.24379
Can't open /tmp/tmppath.24379
cat: cannot open /tmp/tmppath.24379
*** End Enviroment Check ***
# more firewall.rpt
*** Begin Firewall Task ***
Beginning firewall.restore...
Restored ip_forwarding to previous value - 0.
Restored /usr/sbin/in.routed.
firewall.restore completed.
# more sysconf.rpt
Beginning sysconf.restore...
Restoring /etc/inetd.conf. Saved existing file in /etc/inetd.conf.asetbak.
Restoring /etc/aliases. Saved existing file in /etc/aliases.asetbak.
sysconf.restore completed.
*** Begin System Scripts Check ***
*** End System Scripts Check ***
# more tune.rpt
*** Begin Tune Task ***
Beginning tune.restore...
(This may take a while.)
# more usrgrp.rpt
Beginning usrgrp.restore...
Restoring /etc/passwd. Saved existing file in /etc/passwd.asetbak.
Restoring /etc/group. Saved existing file in /etc/group.asetbak.
Restoring /etc/shadow. Saved existing file in /etc/shadow.asetback.
usrgrp.restore completed.
*** Begin User And Group Checking ***
Checking /etc/passwd ...
Checking /etc/shadow ...
Warning! Shadow file, line 17, no password:
rob::::::::
... end user check.
Checking /etc/group ...
... end group check.
*** End User And Group Checking ***
To run ASET periodically, first you edit the PERIODIC_SCHEDULE variable in the /usr/aset/asetenv file, then you run the aset -p command which adds an ASET entry to the crontab file.
NOTE: Schedule ASET to run when system demand is light. The default setting for the PERIODIC_SCHEDULE environment variable is to run ASET every 24 hours at midnight.
To run ASET periodically:
The following example uses the default values for PERIODIC_SCHEDULE from the asetenv file to schedule when ASET will run:
castle% su Password: # /usr/aset/aset -p ======= ASET Execution Log ======= ASET running at security level low Machine = castle; Current time = 1015_14:22 aset: Using /usr/aset as working directory ASET execution scheduled through cron. # crontab -l root #ident "@(#)root 1.14 97/03/31 SMI" /* SVr4.0 1.1.3.1 */ # # The root crontab should be used to perform accounting data collection. # # The rtc command is run to adjust the real time clock if and when # daylight savings time changes. # 10 3 * * 0,4 /etc/cron.d/logchecker 10 3 * * 0 /usr/lib/newsyslog 15 3 * * 0 /usr/lib/fs/nfs/nfsfind 1 2 * * * [ -x /usr/sbin/rtc ] && /usr/sbin/rtc -c > /dev/null 2>&1 0 0 * * * /usr/aset/aset -d /usr/aset #
If you want to stop running ASET from crontab, edit the crontab file to remove the ASET entry.
To stop running ASET periodically:
| Previous | Table of Contents | Next |