Re: firewall

To: debian-security@lists.debian.org
Subject: Re: firewall
From: Adam Olsen <rhamph@d2dc.net>
Date: Mon, 10 Sep 2001 20:50:06 +0000
Message-id: <[🔎] 20010910205006.A24022@rhamphoryncus.dyndns.org>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 20010910125942.A1336@nebula.dsl.speakeasy.net>
References: <[🔎] Pine.SOL.4.31.0109101203410.21149-100000@strauss.udel.edu> <[🔎] 86g09vqaou.fsf@potato.vegetable.org.uk> <[🔎] 20010910182739.A23525@rhamphoryncus.dyndns.org> <[🔎] 20010910125942.A1336@nebula.dsl.speakeasy.net>

On Mon, Sep 10, 2001 at 12:59:42PM -0700, Garrick James wrote:
> [snip]
> 
> > > It should be sufficient to do
> > >         update-rc.d -f portmap remove
> > >         update-rc.d -f lpd remove
> > >         update-rc.d -f bind remove
> > 
> > As an aside, I did this with proftpd, but when I upgrade the install
> > scripts restart it.  Is there a proper way way to deal with this?  Is
> > there some debian policy relating to it?
> 
> I usually divert the package's binary to something else.  That way the init
> script sees that the executable does not exist and therefore doesn't start
> it.  For portmap use something like:
> 
> dpkg-divert --rename --divert /sbin/portmap.diverted /sbin/portmap
> 
> Even if the init scripts get put back in place by un upgrade, they are
> looking for /sbin/portmap and not /sbin/portmap.diverted.  :-)  Man
> dpkg-divert for more info.

Of course that means I can no longer use /etc/init.d/proftpd start to
start it :)

-- 
Adam Olsen, aka Rhamphoryncus

Reply to:

Follow-Ups:
- Re: firewall
  - From: Garrick James <garrick@james.net>

References:
- Re: firewall
  - From: Rishi L Khan <rishi@UDel.Edu>
- Re: firewall
  - From: Tim Haynes <usenet@stirfried.vegetable.org.uk>
- Re: firewall
  - From: Adam Olsen <rhamph@d2dc.net>
- Re: firewall
  - From: Garrick James <garrick@james.net>

Prev by Date: Re: firewall
Next by Date: Re: firewall
Previous by thread: Re: firewall
Next by thread: Re: firewall
Index(es):
- Date
- Thread