Bastille and Firestarter?

[mdiana]

Hello everybody,

I am trying to intsall Bastille on Ubuntu and I have some errors
when it tries to apply the configuration file:

NOTE: Bastille is scanning the system
configuration...

Bastille is now locking down your system in accordance
with your
answers in the "config" file. Please be patient as
some modules
may take a number of minutes, depending on the speed
of your machine.

Executing Firewall Specific Configuration
Executing File Permissions Specific Configuration
Executing Account Security Specific Configuration
ERROR: Unable to open /etc/pam.d/xdm as the
swap file /etc/pam.d/xdm.bastille
already exists. Rename the swap file to
allow Bastille
to make desired file modifications.
ERROR: open /etc/pam.d/xdm.bastille failed...
ERROR: open /etc/pam.d/xdm failed.
# Couldn't prepend line to /etc/pam.d/xdm, since open
failed.
ERROR: Unable to open /etc/pam.d/kde as the
swap file /etc/pam.d/kde.bastille
already exists. Rename the swap file to
allow Bastille
to make desired file modifications.
ERROR: open /etc/pam.d/kde.bastille failed...
ERROR: open /etc/pam.d/kde failed.
# Couldn't prepend line to /etc/pam.d/kde, since open
failed.
Executing Boot Security Specific Configuration
Couldn't modify hard drive's grub.conf -- couldn'tfind
/etc/grub.conf
Executing Inetd Specific Configuration
Executing PAM Specific Configuration
Executing Logging Specific Configuration
ERROR: Unable to open /etc/logrotate.d/syslog as the
swap file /etc/logrotate.d/syslog.bastille
already exists. Rename the swap file to
allow Bastille
to make desired file modifications.
ERROR: open /etc/logrotate.d/syslog.bastille
failed...
ERROR: open /etc/logrotate.d/syslog failed.
# Couldn't append line to /etc/logrotate.d/syslog,
since open failed.Executing Printing Specific
Configuration
Executing Temporary Directory Specific Configuration
################################################## ######
Errors have occurred in the configuration.
Please view the following file for more details:
/var/log/Bastille/error-log
################################################## ######


I didn't choose to configure the firewall because I was
thinking that maybe I could still continue on the
Firestarter, which runs right now and whiche by the way is very user friendly.

do you know if that's possible (to use Bastille but not with it's own firewall script?)and why I have these errors?????

I actually have gnome and not kde ...

thank u very very much for your support!!!
It's really "urgent" that I see how Bastille works ....

Diana

[nalg0rath]

It could be helpful if you posted the content of /var/log/Bastille/error-log so that we can see the details, the output only shows that it fail, not why...

Just a guess: Running it as root?

[mdiana]

Here it is, the content of /var/log/Bastille/error-log and thank u for trying to help

{Wed Jul 6 17:24:35 2005} ERROR: Unable to open /etc/pam.d/xdm as the
swap file /etc/pam.d/xdm.bastille
already exists. Rename the swap file to allow Bastille
to make desired file modifications.
{Wed Jul 6 17:24:35 2005} ERROR: open /etc/pam.d/xdm.bastille failed...
{Wed Jul 6 17:24:35 2005} ERROR: open /etc/pam.d/xdm failed.
{Wed Jul 6 17:24:35 2005} # Couldn't prepend line to /etc/pam.d/xdm, since open failed.
{Wed Jul 6 17:24:35 2005} ERROR: Unable to open /etc/pam.d/kde as the
swap file /etc/pam.d/kde.bastille
already exists. Rename the swap file to allow Bastille
to make desired file modifications.
{Wed Jul 6 17:24:35 2005} ERROR: open /etc/pam.d/kde.bastille failed...
{Wed Jul 6 17:24:35 2005} ERROR: open /etc/pam.d/kde failed.
{Wed Jul 6 17:24:36 2005} # Couldn't prepend line to /etc/pam.d/kde, since open failed.
{Wed Jul 6 17:24:36 2005} Couldn't modify hard drive's grub.conf -- couldn't{Wed Jul 6 17:24:36 2005} find /etc/grub.conf
{Wed Jul 6 17:24:38 2005} ERROR: Unable to open /etc/logrotate.d/syslog as the
swap file /etc/logrotate.d/syslog.bastille
already exists. Rename the swap file to allow Bastille
to make desired file modifications.
{Wed Jul 6 17:24:38 2005} ERROR: open /etc/logrotate.d/syslog.bastille failed...
{Wed Jul 6 17:24:38 2005} ERROR: open /etc/logrotate.d/syslog failed.
{Wed Jul 6 17:24:38 2005} # Couldn't append line to /etc/logrotate.d/syslog, since open failed.


P.S. : yes, I have done "root InteractiveBastille"

diana

[nalg0rath]

Uh? What do you mean that you have done "root InteractiveBastille"? I meant that you shuld log in as root before you run "bastille" or "InteractiveBastille". (InteractiveBastille is the GUI for Bastille, right?).

TO log in as root do:

Code:

# su -

Then you have to type in the root (Super User) password to log in as root. Then try running again:

Code:

# InteractiveBastille

[mdiana]

yes, of course ... I'm sorry, it was a typing mistake ... I've done the equivalent which is "sudo InteractiveBastille" ...
do you have any idea about those erros?

[nalg0rath]

Ok, you could try this:
Move the files
[Original file] to [New file]
/etc/pam.d/kde.bastille -> /etc/pam.d/kde.bastille-backup
/etc/logrotate.d/syslog.bastille -> /etc/logrotate.d/syslog.bastille-backup
/etc/pam.d/xdm.bastille -> /etc/pam.d/xdm.bastille-backup

Do this with the "mv" command. When you have moved the files try running the program as root again and if it failes again post the new(hopefully) /var/log/Bastille/error-log.

PS. What boot loader do you have?

[mdiana]

I have done

mv /etc/pam.d/kde.bastille /etc/pam.d/kde
mv /etc/logrotate.d/syslog.bastille /etc/logrotate.d/syslog
mv /etc/pam.d/xdm.bastille /etc/pam.d/xdm

The boot loader is grub, but I there isn't any grub.conf in my filesystem

/var/log/Bastille/error-log says:

{Thu Jul 7 16:51:37 2005} Couldn't modify hard drive's grub.conf -- couldn't{Thu Jul 7 16:51:37 2005} find /etc/grub.conf

so, what should I do?
pls help !

Diana

[Flatline]

Try looking for menu.lst (it's usually in the /boot/grub directory).

[mdiana]

actually, I can't find where, in what script Bastille is looking for the file grub.conf ...is it there that I must replace grub.conf with menu.lst?

[Flatline]

There should be a config file for Bastille (/etc/Bastille/config, perhaps?) in which you can set your options.