[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: daemon configuration

On Sun, Oct 03, 1999 at 10:32:46AM -0400, Raul Miller wrote:
> On Sun, Oct 03, 1999 at 02:59:38AM -0400, Rick wrote:
> > I'm uncertain whether this is a good idea or not.  I have helped many
> > people install redhat linux and, frankly, the daemon enable screen
> > confuses them.  They don't know what all these things are or which ones
> > they may need.  If this gets implemented at least have an obvious "enable
> > default daemons" button.
> Agreed, this is a problem with Red Hat's implementation.
> We should ask the user what kind of policy they want to have for network
> services.  We should inform them that there's a small risk that remote
> users may compromise their machine if they enable network services,
> but that in some situations the machine would be worthless without such
> services.  We should present a couple examples (http, remote login),
> present the basic options (no network services on by default, most
> network services on by default, choose on a service by service basis),
> and we should give them a command to use after the install is complete
> that lets them see what network services are in use and what package
> is responsible for them, and a reference to how to find documentation
> in the variety of formats a package could supply it in (man, info,
> /usr/{,share}/doc, --help or -h, documentation embedded in configuration
> files, or for the really desperate: documentation embedded in programs)
> I'm not sure whether is such a reference about documentation.
> I'm sure there's no such reference about associating packages with
> network sockets.  It would be possible to write such a thing, based on
> lsof -F -i -n, but maybe it's better to teach everyone how to use lsof
> (run lsof as root, teach about the +M option, egrep for '(UDP).*(LISTEN|\*)'),
> use dpkg -S to find package associated with a program.

I **really** like the idea of a policy manager program.  I see one
problem, in that portions of policy management would include pam in
addition to resource management, etc.

Hmmm...I think I will have to propose that to my developers here at
TurboLinux.  Yup.  Already had a bunch of positive responses.

Regarding TurboLinux and RedHat people being here on this list;  We are
not competitors.  We compete with WinNT and Solaris and SCO.  You are some
of the great people that make this linux dream a reality. :-)


Have you heard that the next Space Shuttle is supposed to carry several Guernsey cows?
It's gonna be the herd shot 'round the world.
The Doctor What: Not that 'who' guy              http://docwhat.gerf.org/
docwhat@gerf.org                    (finger docwhat@gerf.org for PGP key)

Reply to: