Changeset 30f1425


Ignore:
Timestamp:
09/13/2003 03:39:09 PM (21 years ago)
Author:
Larry Lawrence <larry@…>
Branches:
10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 6.0, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, v5_0, v5_0-pre1, v5_1, v5_1-pre1, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
Children:
b2a7072d
Parents:
8f44fa03
Message:

edits of firewalling and shadow

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1057 af4574ff-66df-0310-9fd7-8a98e5e911e0

Location:
postlfs
Files:
7 edited

Legend:

Unmodified
Added
Removed

  • postlfs/config/profile.xml

    r8f44fa03 r30f1425  
    9999# Setup some environment variables.
    100100HISTSIZE=1000
     101HISTIGNORE="&amp;:[bf]g:exit"
    101102PS1="[\u@\h \w]\\$ "
    102103
     
    115116fi
    116117
    117 export PATH HISTSIZE PS1 LS_COLORS INPUTRC
     118export PATH HISTSIZE HISTIGNORE PS1 LS_COLORS INPUTRC
    118119
    119120# End /etc/profile

  • postlfs/security/firewalling/busybox.xml

    r8f44fa03 r30f1425  
    8383<screen>iptables -t nat -A PREROUTING -i ppp+ -s 10.0.0.0/8     -j DROP
    8484iptables -t nat -A PREROUTING -i ppp+ -s 172.16.0.0/12  -j DROP
    85 iptables -t nat -A PREROUTING -i ppp+ -s 192.168.0.0/16 -j
    86 DROP</screen></para></listitem>
     85iptables -t nat -A PREROUTING -i ppp+ -s 192.168.0.0/16 -j DROP</screen></para></listitem>
    8786
    8887<listitem><para>To simplify debugging and be fair to anyone who'd like to

  • postlfs/security/firewalling/intro.xml

    r8f44fa03 r30f1425  
    7373
    7474<sect3><title>Packetfilter / partly accessible net [partly described
    75 here, see <xref linkend="postlfs-security-fw-busybox"/></title>
     75here, see <xref linkend="postlfs-security-fw-busybox"/>]</title>
    7676<para>Doing routing or masquerading, but permitting only selected
    7777services to be accessible, sometimes only by selected internal users or boxes;

  • postlfs/security/firewalling/kernel.xml

    r8f44fa03 r30f1425  
    2626  IP: TCP syncookie support:                        Y
    2727  IP: Netfilter Configuration menu
    28     Every option except:
    29       ipchains (2.2-style) support
    30       ipfwadm (2.0-style) support              Y or M
     28    Every option except:                       Y or M
     29      ipchains (2.2-style) support                  N
     30      ipfwadm (2.0-style) support                   N
    3131  Fast switching:                                   N</screen>
    3232

  • postlfs/security/firewalling/library.xml

    r8f44fa03 r30f1425  
    3232</literallayout></blockquote></para>
    3333
    34 <para>If a link proves to be dead or if you think I missed one,
    35 please mail!</para>
     34<!-- <para>If a link proves to be dead or if you think I missed one,
     35please mail!</para> -->
    3636
    3737</sect3>

  • postlfs/security/shadow/shadow-config.xml

    r8f44fa03 r30f1425  
    11<sect2>
    2 <title>Configuring PAM to work with shadow</title>
     2<title>Configuring <application><acronym>PAM</acronym></application> to work
     3with <application>shadow</application></title>
    34
    45<sect3><title>Config files</title>
     
    1213<sect3><title>Configuration Information</title>
    1314
    14 <para>Add the following PAM configuration files to
    15 <filename>/etc/pam.d</filename> (or add them to
    16 <filename>/etc/pam.conf</filename> with
    17 the additional field for the program).
     15<para>Add the following <application><acronym>PAM</acronym></application>
     16configuration files to <filename>/etc/pam.d</filename> (or add them to
     17<filename>/etc/pam.conf</filename> with the additional field for the program).
    1818</para>
    19 <screen><userinput>cat &gt; /etc/pam.d/login &lt;&lt; "EOF"</userinput>
     19<screen><userinput><command>cat &gt; /etc/pam.d/login &lt;&lt; "EOF"</command>
    2020# Begin /etc/pam.d/login
    2121
     
    3333
    3434# End /etc/pam.d/login
    35 <userinput>EOF
    36 cat &gt; /etc/pam.d/passwd &lt;&lt; "EOF"</userinput>
     35<command>EOF
     36cat &gt; /etc/pam.d/passwd &lt;&lt; "EOF"</command>
    3737# Begin /etc/pam.d/passwd
    3838
     
    4040
    4141# End /etc/pam.d/passwd
    42 <userinput>EOF
    43 cat &gt; /etc/pam.d/shadow &lt;&lt; "EOF"</userinput>
     42<command>EOF
     43cat &gt; /etc/pam.d/shadow &lt;&lt; "EOF"</command>
    4444# Begin /etc/pam.d/shadow
    4545
     
    5151
    5252# End /etc/pam.d/shadow
    53 <userinput>EOF
    54 cat &gt; /etc/pam.d/su &lt;&lt; "EOF"</userinput>
     53<command>EOF
     54cat &gt; /etc/pam.d/su &lt;&lt; "EOF"</command>
    5555# Begin /etc/pam.d/su
    5656
     
    6161
    6262# End /etc/pam.d/su
    63 <userinput>EOF
    64 cat &gt; /etc/pam.d/useradd &lt;&lt; "EOF"</userinput>
     63<command>EOF
     64cat &gt; /etc/pam.d/useradd &lt;&lt; "EOF"</command>
    6565# Begin /etc/pam.d/useradd
    6666
     
    7272
    7373# End /etc/pam.d/useradd
    74 <userinput>EOF
    75 cat &gt; /etc/pam.d/chage &lt;&lt; "EOF"</userinput>
     74<command>EOF
     75cat &gt; /etc/pam.d/chage &lt;&lt; "EOF"</command>
    7676# Begin /etc/pam.d/chage
    7777
     
    8383
    8484# End /etc/pam.d/chage
    85 <userinput>EOF</userinput></screen>
     85<command>EOF</command></userinput></screen>
    8686
    8787<para>Currently, <filename>/etc/pam.d/other</filename> is configured to
     
    9191following:</para>
    9292
    93 <screen><userinput>cat &gt; /etc/pam.d/other &lt;&lt; "EOF"</userinput>
     93<screen><userinput><command>cat &gt; /etc/pam.d/other &lt;&lt; "EOF"</command>
    9494# Begin /etc/pam.d/other
    9595
     
    102102
    103103# End /etc/pam.d/other
    104 <userinput>EOF</userinput></screen>
     104<command>EOF</command></userinput></screen>
    105105
    106106<para>Finally, edit <filename>/etc/login.defs</filename> by adding '#'
     
    119119ENVIRON_FILE</screen>
    120120
    121 <para>This stops login from performing these functions, as they will now
    122 be performed by PAM modules.</para>
     121<para>This stops <command>login</command> from performing these functions, as
     122they will now be performed by <application><acronym>PAM</acronym></application>
     123modules.</para>
    123124
    124125</sect3>

  • postlfs/security/shadow/shadow-exp.xml

    r8f44fa03 r30f1425  
    22<title>Command explanations</title>
    33
    4 <para><userinput>cp debian/securetty /etc/securetty</userinput> : This
    5 command sets the tty's that allow logins through PAM.</para>
     4<para><command>cp debian/securetty /etc/securetty</command> : This
     5command sets the tty's that allow logins through <acronym>PAM</acronym>.</para>
    66
    77</sect2>
Note: See TracChangeset for help on using the changeset viewer.