Changeset 30f1425
- Timestamp:
- 09/13/2003 03:39:09 PM (21 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 12.2, 6.0, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gimp3, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, v5_0, v5_0-pre1, v5_1, v5_1-pre1, xry111/for-12.3, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/spidermonkey128, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- b2a7072d
- Parents:
- 8f44fa03
- Location:
- postlfs
- Files:
-
- 7 edited
Legend:
- Unmodified
- Added
- Removed
-
postlfs/config/profile.xml
r8f44fa03 r30f1425 99 99 # Setup some environment variables. 100 100 HISTSIZE=1000 101 HISTIGNORE="&:[bf]g:exit" 101 102 PS1="[\u@\h \w]\\$ " 102 103 … … 115 116 fi 116 117 117 export PATH HISTSIZE PS1 LS_COLORS INPUTRC118 export PATH HISTSIZE HISTIGNORE PS1 LS_COLORS INPUTRC 118 119 119 120 # End /etc/profile -
postlfs/security/firewalling/busybox.xml
r8f44fa03 r30f1425 83 83 <screen>iptables -t nat -A PREROUTING -i ppp+ -s 10.0.0.0/8 -j DROP 84 84 iptables -t nat -A PREROUTING -i ppp+ -s 172.16.0.0/12 -j DROP 85 iptables -t nat -A PREROUTING -i ppp+ -s 192.168.0.0/16 -j 86 DROP</screen></para></listitem> 85 iptables -t nat -A PREROUTING -i ppp+ -s 192.168.0.0/16 -j DROP</screen></para></listitem> 87 86 88 87 <listitem><para>To simplify debugging and be fair to anyone who'd like to -
postlfs/security/firewalling/intro.xml
r8f44fa03 r30f1425 73 73 74 74 <sect3><title>Packetfilter / partly accessible net [partly described 75 here, see <xref linkend="postlfs-security-fw-busybox"/> </title>75 here, see <xref linkend="postlfs-security-fw-busybox"/>]</title> 76 76 <para>Doing routing or masquerading, but permitting only selected 77 77 services to be accessible, sometimes only by selected internal users or boxes; -
postlfs/security/firewalling/kernel.xml
r8f44fa03 r30f1425 26 26 IP: TCP syncookie support: Y 27 27 IP: Netfilter Configuration menu 28 Every option except: 29 ipchains (2.2-style) support 30 ipfwadm (2.0-style) support Y or M28 Every option except: Y or M 29 ipchains (2.2-style) support N 30 ipfwadm (2.0-style) support N 31 31 Fast switching: N</screen> 32 32 -
postlfs/security/firewalling/library.xml
r8f44fa03 r30f1425 32 32 </literallayout></blockquote></para> 33 33 34 < para>If a link proves to be dead or if you think I missed one,35 please mail!</para> 34 <!-- <para>If a link proves to be dead or if you think I missed one, 35 please mail!</para> --> 36 36 37 37 </sect3> -
postlfs/security/shadow/shadow-config.xml
r8f44fa03 r30f1425 1 1 <sect2> 2 <title>Configuring PAM to work with shadow</title> 2 <title>Configuring <application><acronym>PAM</acronym></application> to work 3 with <application>shadow</application></title> 3 4 4 5 <sect3><title>Config files</title> … … 12 13 <sect3><title>Configuration Information</title> 13 14 14 <para>Add the following PAM configuration files to 15 <filename>/etc/pam.d</filename> (or add them to 16 <filename>/etc/pam.conf</filename> with 17 the additional field for the program). 15 <para>Add the following <application><acronym>PAM</acronym></application> 16 configuration files to <filename>/etc/pam.d</filename> (or add them to 17 <filename>/etc/pam.conf</filename> with the additional field for the program). 18 18 </para> 19 <screen><userinput> cat > /etc/pam.d/login << "EOF"</userinput>19 <screen><userinput><command>cat > /etc/pam.d/login << "EOF"</command> 20 20 # Begin /etc/pam.d/login 21 21 … … 33 33 34 34 # End /etc/pam.d/login 35 < userinput>EOF36 cat > /etc/pam.d/passwd << "EOF"</ userinput>35 <command>EOF 36 cat > /etc/pam.d/passwd << "EOF"</command> 37 37 # Begin /etc/pam.d/passwd 38 38 … … 40 40 41 41 # End /etc/pam.d/passwd 42 < userinput>EOF43 cat > /etc/pam.d/shadow << "EOF"</ userinput>42 <command>EOF 43 cat > /etc/pam.d/shadow << "EOF"</command> 44 44 # Begin /etc/pam.d/shadow 45 45 … … 51 51 52 52 # End /etc/pam.d/shadow 53 < userinput>EOF54 cat > /etc/pam.d/su << "EOF"</ userinput>53 <command>EOF 54 cat > /etc/pam.d/su << "EOF"</command> 55 55 # Begin /etc/pam.d/su 56 56 … … 61 61 62 62 # End /etc/pam.d/su 63 < userinput>EOF64 cat > /etc/pam.d/useradd << "EOF"</ userinput>63 <command>EOF 64 cat > /etc/pam.d/useradd << "EOF"</command> 65 65 # Begin /etc/pam.d/useradd 66 66 … … 72 72 73 73 # End /etc/pam.d/useradd 74 < userinput>EOF75 cat > /etc/pam.d/chage << "EOF"</ userinput>74 <command>EOF 75 cat > /etc/pam.d/chage << "EOF"</command> 76 76 # Begin /etc/pam.d/chage 77 77 … … 83 83 84 84 # End /etc/pam.d/chage 85 < userinput>EOF</userinput></screen>85 <command>EOF</command></userinput></screen> 86 86 87 87 <para>Currently, <filename>/etc/pam.d/other</filename> is configured to … … 91 91 following:</para> 92 92 93 <screen><userinput> cat > /etc/pam.d/other << "EOF"</userinput>93 <screen><userinput><command>cat > /etc/pam.d/other << "EOF"</command> 94 94 # Begin /etc/pam.d/other 95 95 … … 102 102 103 103 # End /etc/pam.d/other 104 < userinput>EOF</userinput></screen>104 <command>EOF</command></userinput></screen> 105 105 106 106 <para>Finally, edit <filename>/etc/login.defs</filename> by adding '#' … … 119 119 ENVIRON_FILE</screen> 120 120 121 <para>This stops login from performing these functions, as they will now 122 be performed by PAM modules.</para> 121 <para>This stops <command>login</command> from performing these functions, as 122 they will now be performed by <application><acronym>PAM</acronym></application> 123 modules.</para> 123 124 124 125 </sect3> -
postlfs/security/shadow/shadow-exp.xml
r8f44fa03 r30f1425 2 2 <title>Command explanations</title> 3 3 4 <para>< userinput>cp debian/securetty /etc/securetty</userinput> : This5 command sets the tty's that allow logins through PAM.</para>4 <para><command>cp debian/securetty /etc/securetty</command> : This 5 command sets the tty's that allow logins through <acronym>PAM</acronym>.</para> 6 6 7 7 </sect2>
Note:
See TracChangeset
for help on using the changeset viewer.