Re: exim update not responding to update-rc.d

To: debian-user@lists.debian.org
Subject: Re: exim update not responding to update-rc.d
From: conover@rahul.net (John Conover)
Date: Tue, 4 May 2021 13:27:56 -0700
Message-id: <[🔎] 20210504202756.10259.qmail@rahul.net>
Reply-to: conover@rahul.net (John Conover)
In-reply-to: <[🔎] 2cd41308-8be4-095f-4174-6dad36d2f2cb@mail.com>
References: <[🔎] 20210504161739.4602.qmail@rahul.net> <[🔎] YJF6i7fyNAHgmWk9@wooledge.org> <[🔎] 20210504170343.7512.qmail@rahul.net> <[🔎] 20210504182641.2c41487b@jresid.jretrading.com> <[🔎] 85928091-a801-951e-5237-6b38bf093499@rail.eu.org> <[🔎] 2cd41308-8be4-095f-4174-6dad36d2f2cb@mail.com>

For the archives, this issue was created by looking for penetration
vulnerabilities during the boot of a Debian Buster machine using
tcpdump(1) on a machine between Buster, and the it's Internet facing
router.

There was exim traffic when exim boots, but exim was SUPPOSED to be
disabled during boot by policy.

As per the man page for System V init, to disable launching of exim:

    update-rc.d -f exim remove

which would be (re-)enabled with:

    update-rc.d -f exim defaults

which installs the ln -s files in /etc/rc*.d, as appropriate.

The correct command on Buster is:

    update-rc.d -f exim4 remove

It was discovered during routine security audit of iptables(1)
configuration, (specifically, IPv6.)

    John

john doe writes:
> On 5/4/2021 7:28 PM, Erwan David wrote:
> > Le 04/05/2021 Ã  19:26, Joe a Ã©critÂ :
> >> On Tue, 4 May 2021 10:03:43 -0700
> >> conover@rahul.net (John Conover) wrote:
> >>
> >>> Greg Wooledge writes:
> >>>> On Tue, May 04, 2021 at 09:17:38AM -0700, John Conover wrote:
> >>>>> Searching for exim in
> >>>>> /etc/systemd/system/multi-user.target.wants/* and
> >>>>> /lib/systemd/system/* yields nothing.
> >>>>>
> >>>>> How do I stop exim from launching across boots?
> >>>> Presumably there is a systemd service, which is enabled.  You will
> >>>> want to disable it.
> >>>>
> >>> That was the question, Greg:
> >>>
> >>>      "Searching for exim in
> >>>      /etc/systemd/system/multi-user.target.wants/* and
> >>>      /lib/systemd/system/* yields nothing."
> >>>
> >>> so, it wasn't there. Which service?, (or how to find out?) Or, maybe,
> >>> it is under /etc/init.d/exim4, which failed to work, so, I was looking
> >>> into the systemd control files.
> >>>
> >> Try exim4.service
> >>
> > apt-file tells me trhere is a exim4-base.service (from package exim4-base)
> >
> 
> You could look in the log for the service name then do 'systemctl
> disable <SERVICE-NAME>'.
> 
> I just want to mention 'inserv' but you should use systemd.
> 
> --
> John Doe

-- 

John Conover, conover@rahul.net, http://www.johncon.com/

Reply to:

Follow-Ups:
- Re: exim update not responding to update-rc.d
  - From: Greg Wooledge <greg@wooledge.org>

References:
- exim update not responding to update-rc.d
  - From: conover@rahul.net (John Conover)
- Re: exim update not responding to update-rc.d
  - From: Greg Wooledge <greg@wooledge.org>
- Re: exim update not responding to update-rc.d
  - From: conover@rahul.net (John Conover)
- Re: exim update not responding to update-rc.d
  - From: Joe <joe@jretrading.com>
- Re: exim update not responding to update-rc.d
  - From: Erwan David <erwan@rail.eu.org>
- Re: exim update not responding to update-rc.d
  - From: john doe <johndoe65534@mail.com>

Prev by Date: Re: Ghost cronjob
Next by Date: Re: exim update not responding to update-rc.d
Previous by thread: Re: exim update not responding to update-rc.d
Next by thread: Re: exim update not responding to update-rc.d
Index(es):
- Date
- Thread