Changeset View
Changeset View
Standalone View
Standalone View
documentation/content/en/books/handbook/mac/_index.adoc
Show First 20 Lines • Show All 731 Lines • ▼ Show 20 Lines | |||||
[[mac-implementing]] | [[mac-implementing]] | ||||
== Nagios in a MAC Jail | == Nagios in a MAC Jail | ||||
This section demonstrates the steps that are needed to implement the Nagios network monitoring system in a MAC environment. | This section demonstrates the steps that are needed to implement the Nagios network monitoring system in a MAC environment. | ||||
This is meant as an example which still requires the administrator to test that the implemented policy meets the security requirements of the network before using in a production environment. | This is meant as an example which still requires the administrator to test that the implemented policy meets the security requirements of the network before using in a production environment. | ||||
This example requires `multilabel` to be set on each file system. | This example requires `multilabel` to be set on each file system. | ||||
It also assumes that package:net-mgmt/nagios-plugins[], package:net-mgmt/nagios[], and package:www/apache22[] are all installed, configured, and working correctly before attempting the integration into the MAC framework. | It also assumes that package:net-mgmt/nagios-plugins[], package:net-mgmt/nagios[], and package:www/apache24[] are all installed, configured, and working correctly before attempting the integration into the MAC framework. | ||||
=== Create an Insecure User Class | === Create an Insecure User Class | ||||
Begin the procedure by adding the following user class to [.filename]#/etc/login.conf#: | Begin the procedure by adding the following user class to [.filename]#/etc/login.conf#: | ||||
[.programlisting] | [.programlisting] | ||||
.... | .... | ||||
insecure:\ | insecure:\ | ||||
▲ Show 20 Lines • Show All 220 Lines • Show Last 20 Lines |