secfsd Utility
The secfsd
utility displays the following attributes of CTE:
-
GuardPoints defined in the GuardPoints tab
-
Authentication parameters defined in the Host Settings tab
-
Lock status set by enabling FS Agent Locked and System Locked
-
Web destination and SSL certificate for uploading log entries
-
Policies applied in the GuardPoints tab
-
Status of required processes (
secfsd
andvmd
) -
Version of
secfs
The secfs
utility is also used to mount GuardPoints for Directory (Manual Guard)
. Normally, CTE automatically mounts the secfs
file system when you apply a GuardPoint to a directory. On AIX, the secfsd
utility is located in <install_dir>/secfs/.sec/bin
and a symbolic link to this file is placed in /usr/bin/secfsd
.
secfsd syntax
Command | Description |
---|---|
-help |
display secfsd options |
Status Options
Command | Description |
---|---|
-status guard [-v | -tree] |
list all GuardPoints |
-status keys |
show current encryption key state |
-status auth |
list authentication settings |
-status lockstat |
show CTE lock status |
-status logger |
list logging details |
-status policy |
list configured policies |
-status pslist |
list protected processes |
-status devmap |
list guarded devices |
Manual GuardPoint options
Command | Description |
---|---|
-guard path [container ID] |
manually guard path |
-unguard path [container ID] |
manually unguard path |
Version option
Command | Description |
---|---|
-version |
list version of kernel module secfs2 |
Encryption Mode option information
Command | Description |
---|---|
crypto |
Displays the encryption modes that are supported. |
Configuration Mode option information
Command | Description |
---|---|
config <config_param> <value> |
Displays the encryption modes that are supported. |