Changeset c0b5bba


Ignore:
Timestamp:
07/12/2014 03:43:47 AM (10 years ago)
Author:
Christopher Gregory <cjg@…>
Branches:
gnome
Children:
a998e97
Parents:
01dfd54
Message:

Added systemd notes to libcap mitkrb openssh polkit and stunnel pages

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/branches/gnome@13393 af4574ff-66df-0310-9fd7-8a98e5e911e0

Files:
6 edited

Legend:

Unmodified
Added
Removed

  • introduction/welcome/changelog.xml

    r01dfd54 rc0b5bba  
    5959        <listitem>
    6060          <para>[cjg] - Added systemd notes to cyrus-sasl page.</para>
     61        </listitem>
     62        <listitem>
     63          <para>[cjg] - Added systemd notes to libcap page.</para>
     64        </listitem>   
     65        <listitem>
     66          <para>[cjg] - Added systemd notes to mitkrb page.</para>
     67        </listitem>
     68        <listitem>
     69          <para>[cjg] - Added systemd notes to openssh page.</para>
     70        </listitem>
     71        <listitem>
     72          <para>[cjg] - Added systemd notes to polkit page.</para>
     73        </listitem>
     74        <listitem>
     75          <para>[cjg] - Added systemd notes to stunnel page.</para>
    6176        </listitem>
    6277      </itemizedlist>

  • postlfs/security/libcap.xml

    r01dfd54 rc0b5bba  
    6969  <sect2 role="installation">
    7070    <title>Installation of libcap</title>
     71
     72     <note>
     73     <para>
     74     Systemd users don't need to install this package since it has
     75     already been installed as part of LFS.
     76     </para>
     77     </note>
    7178
    7279    <para>Install <application>libcap</application> by running the following

  • postlfs/security/mitkrb.xml

    r01dfd54 rc0b5bba  
    474474
    475475      <indexterm zone="mitkrb mitkrb-init">
     476        <primary sortas="f-krb5">krb5</primary>
     477      </indexterm>
     478
     479<screen role="root"><userinput>make install-krb5</userinput></screen>
     480
     481    </sect3>
     482
     483
     484    <sect3 id="mitkrb-init-systemd">
     485      <title>Systemd Unit File</title>
     486
     487      <note>
     488      <para>
     489        Note that Kerberos KDC server needs to be configured first, so don't
     490        install systemd units unless krb5kdc has been tested to work according to
     491        the BLFS instructions. The install process installs 3 units, one for krb5kdc,
     492        one for kpropd the Kerberos Propagation Server and the one for kadmind
     493        the Kerberos Admin Server.
     494      </para>
     495      </note>
     496
     497      <para>
     498        Instead of using the classic boot script, the systemd-units package
     499        provides native unit files.
     500        Install the Systemd Unit included in the <xref linkend="systemd-units"/>
     501        package using the following command:
     502      </para>
     503
     504      <indexterm zone="mitkrb mitkrb-init-systemd">
    476505        <primary sortas="f-krb5">krb5</primary>
    477506      </indexterm>

  • postlfs/security/openssh.xml

    r01dfd54 rc0b5bba  
    316316<screen role="root"><userinput>make install-sshd</userinput></screen>
    317317    </sect3>
     318
     319    <sect3  id="openssh-init-systemd">
     320      <title>Systemd Unit File</title>
     321
     322      <para>
     323       Instead of using the classic boot script, the systemd-units package provides
     324       native unit files. To start the SSH server at system boot, install the
     325       systemd unit included in the <xref linkend="systemd-units"/> package.as the
     326       <systemitem class="username">root</systemitem> user:
     327       </para>
     328
     329      <indexterm zone="openssh openssh-init-systemd">
     330        <primary sortas="f-sshd">sshd</primary>
     331      </indexterm>
     332
     333<screen role="root"><userinput>make install-sshd</userinput></screen>
     334
     335      <note>
     336      <para>
     337        Note that this package comes with two types of units: A service file and a socket file.
     338        The service file will start sshd daemon once at boot and it will keep running until the
     339        system shuts down. The socket file will make systemd listen to sshd port (Default 22, needs
     340        to be edited for anything else) and will start sshd daemon when something tries to connect
     341        to that port and stop the daemon when the connection is terminated. This is
     342        called socket activation.
     343
     344        By default, the first method is used - sshd daemon is started at boot and stopped at shutdown.
     345        If the socket method is desired, you need to run as the <systemitem class="username">root</systemitem> user:
     346
     347 
     348<screen role="root">
     349
     350<userinput>         
     351
     352systemctl stop sshd &amp;&amp;
     353systemctl disable sshd.service &amp;&amp;
     354systemctl enable sshd.socket &amp;&amp;
     355systemctl start sshd.socket
     356
     357</userinput>
     358</screen>
     359
     360      </para>
     361      </note>
     362    </sect3>
     363
    318364  </sect2>
    319365

  • postlfs/security/polkit.xml

    r01dfd54 rc0b5bba  
    9090      <xref linkend="DocBook"/>,
    9191      <xref linkend="docbook-xsl"/>,
    92       <xref linkend="gtk-doc"/>,
    93       <xref linkend="libxslt"/> and
     92      <xref linkend="gtk-doc"/>, and
     93      <xref linkend="libxslt"/>
     94    </para>
     95
     96    <bridgehead renderas="sect4">Optional (Required if using systemd and building GNOME)</bridgehead>
     97    <para role="optional">
    9498      <xref linkend="linux-pam"/>
    9599    </para>
     100
     101    <note>
     102      <para>
     103        This package will link against systemd libraries by default, since they are always installed
     104        and in doing that, it doesn't require ConsoleKit anymore.
     105      </para>
     106    </note>
    96107
    97108    <note>
     
    162173      replace "no" by "yes".
    163174    </para>
     175
     176    <note>
     177    <para>
     178     Systemd users, if this package is going to be used, ie on desktops or if an
     179     user wants to grant unprivileged users to be able to shut down,
     180     reboot, etc the systemd PAM module needs to be built and set up.
     181     It is also a good idea to build Polkit with PAM support, so the Polkit can take
     182     advantage of the PAM module, so you need to remove the below parameter from
     183     the configure line, and create the PAM file mentioned in the configuration section.
     184    </para>
     185    </note>
    164186
    165187    <para>

  • postlfs/security/stunnel.xml

    r01dfd54 rc0b5bba  
    241241
    242242<screen role="root"><userinput>make install-stunnel</userinput></screen>
     243
     244    </sect3>
     245
     246    <sect3  id="stunnel-init-systemd">
     247      <title>Systemd Unit File</title>
     248
     249      <para>This package provides a systemd unit in the source tarball.
     250       To install it run the following commands as the
     251     <systemitem class="username">root</systemitem> user:
     252      </para>
     253      <indexterm zone="stunnel stunnel-init-systemd">
     254        <primary sortas="f-stunnel">stunnel</primary>
     255      </indexterm>
     256
     257      <para>Remove an unnecessary dependency:</para>
     258
     259<screen role="root"><userinput>sed -i /syslog.target/d tools/stunnel.service</userinput></screen>
     260
     261      <para>Install the service:</para>
     262
     263<screen role="root"><userinput>install -v -m644 tools/stunnel.service /lib/systemd/system/stunnel.service</userinput></screen>
     264
     265      <para>Enable the service:</para>
     266
     267<screen role="root"><userinput>systemctl enable stunnel</userinput></screen>
    243268
    244269    </sect3>
Note: See TracChangeset for help on using the changeset viewer.