Skip to content

NovaStar Program Reference / System / nssecurity


Overview

The nssecurity program is typically run in the following situations.

  1. Run nssecurity at any time to check security settings:
    1. The default is to display an interactive menu.
    2. The program can be run in batch mode to audit security, for example to create a report.
  2. Call from the nscore program:
    1. Run nscore as the last step in the self-extracting novastar5install program, to provide an interactive menu and checklist to check security settings.
    2. Run nscore to troubleshoot problems in a NovaStar system, including.

By default, nssecurity will print an interactive text menu with indicators of security issues and options to correct the issues. If run with --batch (and optionally --silent), checks are run and the program exits.

In the future, an audit report will be implemented suitable for IT operations.

Command Line Usage

The command line syntax is as follows.

sudo nssecurity command [parameters]

The following commands can be run:

nssecurity Commands

Command                 Description
audit [address] Run checks to audit the security configuration on a NovaStar computer. Specify the address as machine name or IP address (default is localhost).
help [command] Print help for a command.

Optional values are shown in square brackets. Command line parameters are as follows.

nssecurity Command Line Parameters

Parameter                           Description Default            
--batch Run in batch mode. Batch mode will only run checks and print output, but will not fix problems. Use --silent to do checks with minimal output. The script will return 0 (zero) if no security issues are detected and non-zero if any security issues are detected. --interactive
--calledfrom=program Indicate the calling program, used in the interactive menu to show the software call hierarchy, for example when called from nscore.
-d
--debug
Turn debug on, which prints more messages.
-h
--help
Print the program usage.
-i
--interactive
Run interactively. This is the default run mode.
--logfile=filename Write log messages to the specified file. Write to stderr.
-v
--version
Print the program version.

Examples

The following runs checks, prints minimal output, and exits with 0 (zero) if no security issues are detected, or non-zero if security issues are detected.

sudo nssecurity audit --batch --silent

The following runs checks using the interactive menu:

sudo nssecurity audit

Scheduling

This program can be run on a schedule to perform a security audit, for example using --logfile to specify the log file for output.

NovaStar Administrator Interface

This program is not run from the Administrator. It should be run from the command line.

Troubleshooting

Issues with NovaStar installation are handled by TriLynx staff, including using this program.

See Also