Sybase recommends that all user created source files associated with Adaptive Server deployment be managed with a third party source control system (SCCS, RCS, Clearcase, Perforce, and so on). It is further recommended that deployment of these files be done in an automated way such as use of a bill of materials and scripts to install the files in a reliable and repeatable way. The script source itself is recommended to be maintained within the source control system.
Sybase also recommends that changes to Adaptive Server configuration be audited. There are two ways to enable audit of configuration changes made by sp_configure:
use the audit option exec_procedure on the object of sp_configure to directly audit sp_configure,
use the audit option security which includes configuration changes made by sp_configure and other procedures.
To capture configuration changes made to the configuration file directly, use operating system provided file system auditing on the configuration files.
Follow the recommendations of your operating system vendor to enable auditing of configuration files.
For example:
On Linux 2.6 kernel, use the auditd(8) daemon and related utilities auditctl, ausearch, and aureport.
On AIX, the audit system is configured in /etc/security/audit/config and started using the audit start command. The IBM Redbook "Accounting and Auditing on AIX 5L" can be referenced for AIX systems.
On Windows, auditing on files and folders is enabled by setting properties in the Security tab. For example, right-click the file or folder, then select Properties > Security > Advanced > Auditing and follow the dialog box. More information for Windows can be found on the Microsoft support site.
