Enabling the Basic Security Module (BSM)

This tip illustrates how and why you should enable the Basic Security Module (BSM).

Enabling the Basic Security Module (BSM)

This tip comes from Solaris 8 Essential Reference by John P. Mulligan, published by New Riders.

The Solaris Basic Security Module (BSM) is enabled or disabled on a BSM system by using two scripts in the /etc/security directory. The BSM increases the security of a system in many respects.

Enable BSM /etc/security/bsmconv
Disable BSM /etc/security/bsmunconv

Executing bsmconv with no options or arguments will enable the BSM on the host machine as well as any diskless clients being served by the host machine. It is important to reboot after enabling the BSM.

The BSM must be enabled to use any of the Solaris auditing facilities.

Diskless clients can enable the BSM by running bsmconv on the server system and specifying the exported root directory.

Example Task
bsmconv Enable the BSM on the local host and all diskless clients supported by the host
bsmconv /export/ root/host3 Enable the BSM on the diskless client called host3

Click here to learn more about Solaris 8 Essential Reference.

Did you like this tip? Hate it? Send us an email to let us know your thoughts.

This was first published in July 2001

Dig deeper on Alternative OS security: Mac, Linux, Unix, etc.



Enjoy the benefits of Pro+ membership, learn more and join.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: