On Sat, Dec 01, 2001 at 02:32:06PM +0100, Mathias Gygax wrote: > On Sam, Dez 01, 2001 at 03:32:51 +1000, mdevin@ozemail.com.au wrote: > > Is it easy to get rid of it, if it causes me more trouble than it is > > worth? > > run an unpatched kernel, disable it with kernel option "security=0" > (e.g. lilo boot option) or disable it on runtime with > "lidsadm -S -- -LIDS_GLOBAL" (replace - by + to reactivate it) > > > What I mean is: If I have trouble and decide that I don't want > > LIDS anymore, can I boot into single user mode with LIDS deactivated and > > then reinstall a previous kernel without LIDS? > > sure you can. replace the kernel and /etc/lids and the whole thing's > gone. > > > For example: If I make a boot floppy with a kernel without LIDS, can I > > just boot from this and everything will run as it was before I > > installed LIDS? > > yes, it will. no daemon or anything else on the storage media get > changed. the only thing on the storage is /etc/lids with default > capabilities (lids.cap), LIDS password (lids.pw), remote alert > configuration (lids.net) and the LIDS configuration file (lids.conf). > You have really inspired me to give this a go. It sounds as though I have nothing to lose except time. And in my opinion this may be time well spent as at least I will learn much about the root daemons. Prior to doing this though, I am going to re-write my iptables firewall to include NAT (masquerading) for my internal LAN and install libsafe. Then after setting up a DNS server on this box and squid, I will give LIDS a go. So I guess I have a bit of work to do first. And lots of learning :-) Thanks for all the time you have put into educating me. Much appreciated. Regards. Mark.
Attachment:
pgprtw9dqbP_w.pgp
Description: PGP signature