[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: firewall

On Mon, Sep 10, 2001 at 02:36:50PM -0500, Nathan E Norman wrote:
> On Mon, Sep 10, 2001 at 07:38:10PM +0100, Tim Haynes wrote:
> > Adam Olsen <rhamph@d2dc.net> writes:
> > 
> > > > It should be sufficient to do
> > > >         update-rc.d -f portmap remove
> > > >         update-rc.d -f lpd remove
> > > >         update-rc.d -f bind remove
> > > 
> > > As an aside, I did this with proftpd, but when I upgrade the install
> > > scripts restart it. Is there a proper way way to deal with this? Is there
> > > some debian policy relating to it?
> > 
> > No real answer from me, but I've noticed this too - whenever I `apt-get
> > dist-upgrade' and get a new version of a package, it starts the services
> > required. Don't like it. I really want to be able to specify otherwise.
> If you read the manpage for update-rc.d, you'll note that it says 
>   If any files /etc/rcrunlevel.d/[SK]??name already exist then
>   update-rc.d does nothing.  This is so that the system administrator
>   can rearrange the  links,  provided that  they  leave  at  least one
>   link remaining, without having their configuration overwritten.
> So, to leave a service installed but not starting, you need to leave
> at least one K link.
> if you're saying "hey, that's not intuitive", you're right.  See 
>   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=67095&repeatmerged=yes
> for more discussion.
> Incidentally, debian has another daemon issue ... whether daemons
> should start immediately after installation.  This is in fact why the
> above problem happens ... since no start/stop links are found, it's
> assumed that this is a new installation of the daemon, so it's started
> for you.  However, many would like the ability to prevent daemons from
> automatically starting after installation even if this is a new
> install.
> There's been much discussion on d-devel about this problem, and how to
> solve it.  While it's clear most everyone agrees it's a problem, I
> don't know that consensus has been reached on how to solve it.

I seem to recall that update-rc.d gives an error message when you
upgrade if there's no links.  The simplest solution would be to change
the error message, making it clear that they should have all stop
links instead of no links.

And of course you need the links, otherwise it won't shutdown properly
when you shutdown the system.

Incidentally, I just looked and it seems I must have figured this out.
I have all stop links :)

Adam Olsen, aka Rhamphoryncus

Reply to: