Changeset 305e60de

Timestamp:

01/27/2005 03:26:52 AM (19 years ago)

Author:

Randy McMurchy <randy@…>

Branches:

10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 6.0, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal

Children:

852cd813

Parents:

48ecffe8

Message:

Added indexing tags to Tripwire; more Chapter 4 clean-up

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@3344 af4574ff-66df-0310-9fd7-8a98e5e911e0

Location:

postlfs/security

Files:

• cyrus-sasl.xml (modified) (2 diffs)
• gnupg.xml (modified) (3 diffs)
• mitkrb.xml (modified) (9 diffs)
• stunnel.xml (modified) (5 diffs)
• tripwire.xml (modified) (13 diffs)

postlfs/security/cyrus-sasl.xml

@@ -83 +83 @@
             --with-dbpath=/var/lib/sasl/sasldb2 \
             --with-saslauthd=/var/run &&
-make &&
-make install &&
+make</command></userinput></screen>
+
+<para>Now, as the root user:</para>
+
+<screen><userinput role='root'><command>make install &amp;&amp;
 install -m644 saslauthd/saslauthd.mdoc \
     /usr/share/man/man8/saslauthd.8 &amp;&amp;
@@ -147 +150 @@
 </indexterm>
 
-<screen><userinput><command>make install-cyrus-sasl</command></userinput></screen>
+<screen><userinput role='root'><command>make install-cyrus-sasl</command></userinput></screen>
 
 <note><para>You'll need to modify the init script and replace the 

postlfs/security/gnupg.xml

@@ -54 +54 @@
 <sect3><title><application>GnuPG</application> dependencies</title>
 <sect4><title>Optional</title>
-<para><xref linkend="openldap"/>, <ulink url="../server/mail.html">MTA</ulink>, 
+<para><xref linkend="openldap"/>, 
+<ulink url="../server/mail.html">MTA</ulink>, 
 <xref linkend="docbook-utils"/> and <ulink 
 url="http://www.oasis-open.org/docbook/tools/dtm/">docbook-to-man</ulink>
@@ -69 +70 @@
 
 <screen><userinput><command>./configure --prefix=/usr --libexecdir=/usr/lib &amp;&amp;
-make &amp;&amp;
-make install &amp;&amp;
+make</command></userinput></screen>
+
+<para>Now, as the root user:</para>
+
+<screen><userinput role='root'><command>make install &amp;&amp;
 chmod 4755 /usr/bin/gpg</command></userinput></screen>
 
@@ -96 +100 @@
 <seglistitem>
 <seg>gpg, gpgsplit and gpgv</seg>
-<seg>/usr/lib/gunpg and /usr/share/gnupg</seg>
+<seg>/usr/lib/gnupg and /usr/share/gnupg</seg>
 </seglistitem>
 </segmentedlist>

postlfs/security/mitkrb.xml

@@ -103 +103 @@
 </para>
 
-<screen><userinput><command>make install &amp;&amp;
+<screen><userinput role='root'><command>make install &amp;&amp;
 mv /bin/login /bin/login.shadow &amp;&amp;
 cp /usr/sbin/login.krb5 /bin/login &amp;&amp;
@@ -179 +179 @@
 </para>
 
-<screen><userinput><command>cat &gt; /etc/krb5.conf &lt;&lt; "EOF"</command>
+<screen><userinput role='root'><command>cat &gt; /etc/krb5.conf &lt;&lt; "EOF"</command>
 # Begin /etc/krb5.conf
 
@@ -235 +235 @@
 </para>
 
-<screen><userinput><command>kdb5_util create -r <replaceable>[LFS.ORG]</replaceable> -s </command></userinput></screen>
+<screen><userinput role='root'><command>kdb5_util create -r <replaceable>[LFS.ORG]</replaceable> -s </command></userinput></screen>
 
 <para>
@@ -242 +242 @@
 </para>
 
-<screen><userinput><command>kadmin.local</command></userinput>
+<screen><userinput role='root'><command>kadmin.local</command></userinput>
 <prompt>kadmin:</prompt><userinput><command>addprinc <replaceable>[loginname]</replaceable></command></userinput></screen>
 
@@ -250 +250 @@
 </para>
 
-<screen><prompt>kadmin:</prompt><userinput><command>addprinc -randkey host/<replaceable>[belgarath.lfs.org]</replaceable></command></userinput></screen>
+<screen><prompt>kadmin:</prompt><userinput role='root'><command>addprinc -randkey host/<replaceable>[belgarath.lfs.org]</replaceable></command></userinput></screen>
 
 <para>
@@ -257 +257 @@
 </para>
 
-<screen><prompt>kadmin:</prompt><userinput><command>ktadd host/<replaceable>[belgarath.lfs.org]</replaceable></command></userinput></screen>
+<screen><prompt>kadmin:</prompt><userinput role='root'><command>ktadd host/<replaceable>[belgarath.lfs.org]</replaceable></command></userinput></screen>
 
 <para>
@@ -272 +272 @@
 </para>
 
-<screen><prompt>kadmin:</prompt><userinput><command>addprinc -randkey ftp/<replaceable>[belgarath.lfs.org]</replaceable></command></userinput>
-<prompt>kadmin:</prompt><userinput><command>ktadd ftp/<replaceable>[belgarath.lfs.org]</replaceable></command></userinput></screen>
+<screen><prompt>kadmin:</prompt><userinput role='root'><command>addprinc -randkey ftp/<replaceable>[belgarath.lfs.org]</replaceable></command></userinput>
+<prompt>kadmin:</prompt><userinput role='root'><command>ktadd ftp/<replaceable>[belgarath.lfs.org]</replaceable></command></userinput></screen>
 
 <para>
@@ -282 +282 @@
 </para>
 
-<screen><userinput><command>/usr/sbin/krb5kdc &amp;</command></userinput></screen>
+<screen><userinput role='root'><command>/usr/sbin/krb5kdc &amp;</command></userinput></screen>
 
 <para>
@@ -325 +325 @@
 </para>
 
-<screen><userinput><command>make install-kerberos</command></userinput></screen>
+<screen><userinput role='root'><command>make install-kerberos</command></userinput></screen>
 
 </sect4>

postlfs/security/stunnel.xml

@@ -68 +68 @@
 <command>chroot</command> jail by an unprivileged user. Create the new user, 
 group and <command>chroot</command> home directory structure using the 
-following commands:</para>
-
-<screen><userinput><command>groupadd stunnel &amp;&amp;
+following commands as the root user:</para>
+
+<screen><userinput role='root'><command>groupadd stunnel &amp;&amp;
 useradd -c "Stunnel Daemon" -d /var/lib/stunnel \
         -g stunnel -s /bin/false stunnel &amp;&amp;
@@ -94 +94 @@
 <screen><userinput><command>./configure --prefix=/usr --sysconfdir=/etc \
     --localstatedir=/var/lib/stunnel &amp;&amp;
-make &amp;&amp;
-make install</command></userinput></screen>
+make</command></userinput></screen>
+
+<para>Now, as the root user:</para>
+
+<screen><userinput role='root'><command>make install</command></userinput></screen>
 
 </sect2>
@@ -138 +141 @@
 configuration file using the following commands:</para>
 
-<screen><userinput><command>cat &gt;/etc/stunnel/stunnel.conf &lt;&lt; "EOF"</command>
+<screen><userinput role='root'><command>cat &gt;/etc/stunnel/stunnel.conf &lt;&lt; "EOF"</command>
 # File: /etc/stunnel/stunnel.conf
 
@@ -152 +155 @@
 configuration file. The format is as follows:</para> 
 
-<screen><userinput>[<replaceable>[service]</replaceable>]
+<screen><userinput role='root'>[<replaceable>[service]</replaceable>]
 accept  = <replaceable>[hostname:portnumber]</replaceable>
 connect = <replaceable>[hostname:portnumber]</replaceable></userinput></screen>
@@ -176 +179 @@
 <primary sortas="f-stunnel.init">stunnel</primary></indexterm>
 
-<screen><userinput><command>make install-stunnel</command></userinput></screen>
+<screen><userinput role='root'><command>make install-stunnel</command></userinput></screen>
 </sect3>
 

postlfs/security/tripwire.xml

@@ -19 +19 @@
 <?dbhtml filename="tripwire.html"?>
 <title>Tripwire-&tripwire-version;</title>
+<indexterm zone="tripwire-portable">
+<primary sortas="a-Tripwire">Tripwire</primary>
+</indexterm>
 
 <sect2>
@@ -41 +44 @@
 <sect3><title><application>Tripwire</application> dependencies</title>
 <sect4><title>Optional</title>
-<para><acronym>MTA</acronym> (See <xref linkend="server-mail"/>)</para></sect4>
+<para><acronym>MTA</acronym> (See <xref linkend="server-mail"/>)</para>
+</sect4>
 </sect3>
 
@@ -54 +58 @@
 <screen><userinput><command>sed -i -e 's@TWDB="${prefix}@TWDB="/var@' install/install.cfg &amp;&amp;
 ./configure --prefix=/usr --sysconfdir=/etc/tripwire &amp;&amp;
-make &amp;&amp;
-make install &amp;&amp;
+make</command></userinput></screen>
+
+<para>Now, as the root user:</para>
+
+<screen><userinput role='root'><command>make install &amp;&amp;
 cp policy/*.txt /usr/share/doc/tripwire</command></userinput></screen>
 
@@ -86 +93 @@
 <title>Configuring <application>Tripwire</application></title>
 
-<sect3><title>Config files</title>
+<sect3 id="tripwire-config"><title>Config files</title>
 <para><filename>/etc/tripwire/*</filename></para>
+<indexterm zone="tripwire-portable tripwire-config">
+<primary sortas="e-etc-tripwire">/etc/tripwire/*</primary>
+</indexterm>
 </sect3>
 
@@ -120 +130 @@
 configuration steps:</para>
 
-<screen><userinput><command>twadmin --create-polfile --site-keyfile /etc/tripwire/site.key \
+<screen><userinput role='root'><command>twadmin --create-polfile --site-keyfile /etc/tripwire/site.key \
     /etc/tripwire/twpol.txt &amp;&amp;
 tripwire --init</command></userinput></screen>
@@ -130 +140 @@
 to run a report, use the following command:</para>
 
-<screen><userinput><command>tripwire --check &gt; /etc/tripwire/report.txt</command></userinput></screen>
+<screen><userinput role='root'><command>tripwire --check &gt; /etc/tripwire/report.txt</command></userinput></screen>
 
 <para>View the output to check the integrity of your files. An automatic
@@ -149 +159 @@
 substitutions for <replaceable>[?]</replaceable>:</para>
 
-<screen><userinput><command>tripwire --update -twrfile \
+<screen><userinput role='root'><command>tripwire --update -twrfile \
     /var/lib/tripwire/report/linux-<replaceable>[???????]</replaceable>-<replaceable>[??????]</replaceable>.twr</command></userinput></screen>
 
@@ -166 +176 @@
 commands:</para>
 
-<screen><userinput><command>twadmin --create-polfile /etc/tripwire/twpol.txt &amp;&amp;
+<screen><userinput role='root'><command>twadmin --create-polfile /etc/tripwire/twpol.txt &amp;&amp;
 tripwire --init</command></userinput></screen>
-
 </sect3>
 
@@ -177 +186 @@
 <segmentedlist>
   <segtitle>Installed Programs</segtitle>
+  <segtitle>Installed Directories</segtitle>
   <seglistitem>
     <seg>siggen, tripwire, twadmin and twprint.</seg>
+    <seg>/etc/tripwire, /usr/share/doc/tripwire and /var/lib/tripwire</seg>
   </seglistitem>
 </segmentedlist>
@@ -190 +201 @@
     <listitem><para>is a signature gathering utility that displays 
       the hash function values for the specified files.</para>
+    <indexterm zone="tripwire-portable siggen">
+      <primary sortas="b-siggen">siggen</primary>
+    </indexterm>
     </listitem>
   </varlistentry>
@@ -195 +209 @@
   <varlistentry id='tripwire'>
     <term><command>tripwire</command></term> 
-    <listitem><para>is the main file integrity checking program.</para></listitem>
+    <listitem><para>is the main file integrity checking program.</para>
+    <indexterm zone="tripwire-portable tripwire">
+      <primary sortas="b-tripwire">tripwire</primary>
+    </indexterm>
+    </listitem>
   </varlistentry>
 
@@ -202 +220 @@
     <listitem><para>administrative and utility tool used to perform 
       certain administrative functions related to 
-      <application>Tripwire</application> files and configuration options.</para>
+      <application>Tripwire</application> files and configuration 
+        options.</para>
+    <indexterm zone="tripwire-portable twadmin">
+      <primary sortas="b-twadmin">twadmin</primary>
+    </indexterm>
     </listitem>
   </varlistentry>
@@ -210 +232 @@
     <listitem><para>prints <application>Tripwire</application> 
       database and report files in clear text format.</para>
+    <indexterm zone="tripwire-portable twprint">
+      <primary sortas="b-twprint">twprint</primary>
+    </indexterm>
     </listitem>
   </varlistentry>