Changeset 9937138c for server/other
- Timestamp:
- 08/26/2012 03:21:43 AM (12 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- f88633e
- Parents:
- b53c153
- Location:
- server/other
- Files:
-
- 1 edited
- 1 moved
Legend:
- Unmodified
- Added
- Removed
-
server/other/other.xml
rb53c153 r9937138c 26 26 <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="virtuoso.xml"/> 27 27 <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="soprano.xml"/> 28 <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="xinetd.xml"/> 28 29 29 30 </chapter> -
server/other/xinetd.xml
rb53c153 r9937138c 7 7 <!ENTITY xinetd-download-http "http://www.xinetd.org/xinetd-&xinetd-version;.tar.gz"> 8 8 <!ENTITY xinetd-download-ftp "&gentoo-ftp-repo;/xinetd-&xinetd-version;.tar.gz"> 9 <!ENTITY xinetd-md5sum " 567382d7972613090215c6c54f9b82d9">10 <!ENTITY xinetd-size "30 1KB">11 <!ENTITY xinetd-buildsize " 4.4MB">9 <!ENTITY xinetd-md5sum "77358478fd58efa6366accae99b8b04c"> 10 <!ENTITY xinetd-size "308 KB"> 11 <!ENTITY xinetd-buildsize "5.0 MB"> 12 12 <!ENTITY xinetd-time "less than 0.1 SBU"> 13 13 ]> … … 57 57 <bridgehead renderas="sect3">xinetd Dependencies</bridgehead> 58 58 59 <bridgehead renderas="sect4">Required</bridgehead> 60 <para role="required"><xref linkend="libtirpc"/></para> 61 59 62 <bridgehead renderas="sect4">Optional</bridgehead> 60 <para role="optional"><xref linkend="tcpwrappers"/> and 61 <xref linkend="avahi"/></para> 63 <para role="optional"><ulink url="ftp://ftp.porcupine.org/pub/security/">tcpwrappers (deprecated)</ulink></para> 62 64 63 65 <para condition="html" role="usernotes">User Notes: … … 72 74 commands:</para> 73 75 74 <screen><userinput>./configure --prefix=/usr --with-loadavg && 76 <screen><userinput>sed -i -e "/^LIBS/s/-lpset/& -ltirpc/" xinetd/Makefile.in && 77 sed -i -e "/register unsigned count/s/register//" xinetd/itox.c && 78 ./configure --prefix=/usr --with-loadavg && 75 79 make</userinput></screen> 76 80 … … 80 84 81 85 <screen role="root"><userinput>make install</userinput></screen> 86 87 </sect2> 88 89 <sect2 role="commands"> 90 <title>Command Explanations</title> 91 92 <para><command>sed ... xinetd/Makefile.in</command>: Ensure the program 93 links against the libtirpc library.</para> 94 95 <para><command>sed ... xinetd/itox.c</command>: Fix some compiler 96 warnings.</para> 82 97 83 98 </sect2> … … 107 122 <para>Ensure the path to all daemons is 108 123 <filename class="directory">/usr/sbin</filename>, rather than the default 109 path of <filename class="directory">/usr/ etc</filename>, and install the124 path of <filename class="directory">/usr/bin</filename>, and install the 110 125 <application>xinetd</application> configuration files by running the 111 126 following commands as the <systemitem class="username">root</systemitem> … … 115 130 <literal># Begin /etc/xinetd 116 131 # Configuration file for xinetd 117 #118 132 119 133 defaults … … 127 141 128 142 # All service files are stored in the /etc/xinetd.d directory 129 # 143 130 144 includedir /etc/xinetd.d 145 131 146 # End /etc/xinetd</literal> 132 147 EOF</userinput></screen> … … 137 152 138 153 <note> 139 <para>The following files are listed to demonstrate classic154 <para>The following files are listed to demonstrate several 140 155 <application>xinetd</application> applications. In many cases, these 141 applications are not needed. In some cases, theapplications are156 applications are not needed. Some classic applications are 142 157 considered security risks. For example, <command>telnet</command>, 143 158 <command>rlogin</command>, <command>rexec</command>, and … … 148 163 149 164 <screen role="root"><?dbfo keep-together="auto"?><userinput>install -v -d -m755 /etc/xinetd.d && 150 cat > /etc/xinetd.d/login << "EOF" && 151 <literal># Begin /etc/xinetd.d/login 152 153 service login 154 { 155 disable = yes 156 socket_type = stream 157 protocol = tcp 158 wait = no 159 user = root 160 server = /usr/sbin/in.rlogind 161 log_type = SYSLOG local4 info 162 } 163 164 # End /etc/xinetd.d/login</literal> 165 EOF 166 cat > /etc/xinetd.d/shell << "EOF" && 167 <literal># Begin /etc/xinetd.d/shell 168 169 service shell 170 { 171 disable = yes 172 socket_type = stream 173 wait = no 174 user = root 175 instances = UNLIMITED 176 flags = IDONLY 177 log_on_success += USERID 178 server = /usr/sbin/in.rshd 179 } 180 181 # End /etc/xinetd.d/shell</literal> 182 EOF 183 cat > /etc/xinetd.d/exec << "EOF" && 184 <literal># Begin /etc/xinetd.d/exec 185 186 service exec 187 { 188 disable = yes 189 socket_type = stream 190 wait = no 191 user = root 192 server = /usr/sbin/in.rexecd 193 } 194 195 # End /etc/xinetd.d/exec</literal> 196 EOF 197 cat > /etc/xinetd.d/comsat << "EOF" && 198 <literal># Begin /etc/xinetd.d/comsat 199 200 service comsat 201 { 202 disable = yes 203 socket_type = dgram 204 wait = yes 205 user = nobody 206 group = tty 207 server = /usr/sbin/in.comsat 208 } 209 210 # End /etc/xinetd.d/comsat</literal> 211 EOF 212 cat > /etc/xinetd.d/talk << "EOF" && 213 <literal># Begin /etc/xinetd.d/talk 214 215 service talk 216 { 217 disable = yes 218 socket_type = dgram 219 wait = yes 220 user = root 221 server = /usr/sbin/in.talkd 222 } 223 224 # End /etc/xinetd.d/talk</literal> 225 EOF 226 cat > /etc/xinetd.d/ntalk << "EOF" && 227 <literal># Begin /etc/xinetd.d/ntalk 228 229 service ntalk 230 { 231 disable = yes 232 socket_type = dgram 233 wait = yes 234 user = root 235 server = /usr/sbin/in.ntalkd 236 } 237 238 # End /etc/xinetd.d/ntalk</literal> 239 EOF 240 cat > /etc/xinetd.d/telnet << "EOF" && 241 <literal># Begin /etc/xinetd.d/telnet 242 243 service telnet 244 { 245 disable = yes 246 socket_type = stream 247 wait = no 248 user = root 249 server = /usr/sbin/in.telnetd 250 bind = 127.0.0.1 251 log_on_failure += USERID 252 } 253 254 service telnet 255 { 256 disable = yes 257 socket_type = stream 258 wait = no 259 user = root 260 # server = /usr/sbin/in.telnetd 261 bind = 192.231.139.175 262 redirect = 128.138.202.20 23 263 log_on_failure += USERID 264 } 265 266 # End /etc/xinetd.d/telnet</literal> 267 EOF 268 cat > /etc/xinetd.d/ftp << "EOF" && 269 <literal># Begin /etc/xinetd.d/ftp 270 271 service ftp 272 { 273 disable = yes 274 socket_type = stream 275 wait = no 276 user = root 277 server = /usr/sbin/in.ftpd 278 server_args = -l 279 instances = 4 280 log_on_success += DURATION USERID 281 log_on_failure += USERID 282 access_times = 2:00-8:59 12:00-23:59 283 nice = 10 284 } 285 286 # End /etc/xinetd.d/ftp</literal> 287 EOF 288 cat > /etc/xinetd.d/tftp << "EOF" && 289 <literal># Begin /etc/xinetd.d/tftp 290 291 service tftp 292 { 293 disable = yes 294 socket_type = dgram 295 wait = yes 296 user = root 297 server = /usr/sbin/in.tftpd 298 server_args = -s /tftpboot 299 } 300 301 # End /etc/xinetd.d/tftp</literal> 302 EOF 303 cat > /etc/xinetd.d/finger << "EOF" && 304 <literal># Begin /etc/xinetd.d/finger 305 306 service finger 307 { 308 disable = yes 309 socket_type = stream 310 wait = no 311 user = nobody 312 server = /usr/sbin/in.fingerd 313 } 314 315 # End /etc/xinetd.d/finger</literal> 316 EOF 165 317 166 cat > /etc/xinetd.d/systat << "EOF" && 318 167 <literal># Begin /etc/xinetd.d/systat … … 332 181 # End /etc/xinetd.d/systat</literal> 333 182 EOF 334 cat > /etc/xinetd.d/netstat << "EOF" && 335 <literal># Begin /etc/xinetd.d/netstat 336 337 service netstat 338 { 339 disable = yes 340 socket_type = stream 341 wait = no 342 user = nobody 343 server = /usr/ucb/netstat 344 server_args = -f inet 345 only_from = 128.138.209.0 346 log_on_success = HOST 347 } 348 349 # End /etc/xinetd.d/netstat</literal> 350 EOF 183 351 184 cat > /etc/xinetd.d/echo << "EOF" && 352 185 <literal># Begin /etc/xinetd.d/echo … … 376 209 # End /etc/xinetd.d/echo</literal> 377 210 EOF 211 378 212 cat > /etc/xinetd.d/chargen << "EOF" && 379 213 <literal># Begin /etc/xinetd.d/chargen … … 403 237 # End /etc/xinetd.d/chargen</literal> 404 238 EOF 239 405 240 cat > /etc/xinetd.d/daytime << "EOF" && 406 241 <literal># Begin /etc/xinetd.d/daytime … … 430 265 # End /etc/xinetd.d/daytime</literal> 431 266 EOF 267 432 268 cat > /etc/xinetd.d/time << "EOF" && 433 269 <literal># Begin /etc/xinetd.d/time … … 444 280 } 445 281 446 447 282 service time 448 283 { … … 457 292 458 293 # End /etc/xinetd.d/time</literal> 459 EOF460 cat > /etc/xinetd.d/rstatd << "EOF" &&461 <literal># Begin /etc/xinetd.d/rstatd462 463 service rstatd464 {465 disable = yes466 type = RPC467 flags = INTERCEPT468 rpc_version = 2-4469 socket_type = dgram470 protocol = udp471 server = /usr/sbin/rpc.rstatd472 wait = yes473 user = root474 }475 476 # End /etc/xinetd.d/rstatd</literal>477 EOF478 cat > /etc/xinetd.d/rquotad << "EOF" &&479 <literal># Begin /etc/xinetd.d/rquotad480 481 service rquotad482 {483 disable = yes484 type = RPC485 rpc_version = 1486 socket_type = dgram487 protocol = udp488 wait = yes489 user = root490 server = /usr/sbin/rpc.rstatd491 }492 493 # End /etc/xinetd.d/rquotad</literal>494 EOF495 cat > /etc/xinetd.d/rusersd << "EOF" &&496 <literal># Begin /etc/xinetd.d/rusersd497 498 service rusersd499 {500 disable = yes501 type = RPC502 rpc_version = 1-2503 socket_type = dgram504 protocol = udp505 wait = yes506 user = root507 server = /usr/sbin/rpc.rusersd508 }509 510 # End /etc/xinetd.d/rusersd</literal>511 EOF512 cat > /etc/xinetd.d/sprayd << "EOF" &&513 <literal># Begin /etc/xinetd.d/sprayd514 515 service sprayd516 {517 disable = yes518 type = RPC519 rpc_version = 1520 socket_type = dgram521 protocol = udp522 wait = yes523 user = root524 server = /usr/sbin/rpc.sprayd525 }526 527 # End /etc/xinetd.d/sprayd</literal>528 EOF529 cat > /etc/xinetd.d/walld << "EOF" &&530 <literal># Begin /etc/xinetd.d/walld531 532 service walld533 {534 disable = yes535 type = RPC536 rpc_version = 1537 socket_type = dgram538 protocol = udp539 wait = yes540 user = nobody541 group = tty542 server = /usr/sbin/rpc.rwalld543 }544 545 # End /etc/xinetd.d/walld</literal>546 EOF547 cat > /etc/xinetd.d/irc << "EOF"548 <literal># Begin /etc/xinetd.d/irc549 550 service irc551 {552 disable = yes553 socket_type = stream554 wait = no555 user = root556 flags = SENSOR557 type = INTERNAL558 bind = 192.168.1.30559 deny_time = 60560 }561 562 # End /etc/xinetd.d/irc</literal>563 294 EOF</userinput></screen> 564 295 … … 675 406 <screen role="root"><userinput>/etc/rc.d/init.d/xinetd start</userinput></screen> 676 407 677 <para>Checking the <filename>/var/log/daemon.log</filename> file 678 should prove quite entertaining. This file may contain entries 679 similar to the following:</para> 680 408 <para>Check the <filename>/var/log/daemon.log</filename> to ensure the 409 appropriate services are started. If no services are enabled, the program 410 will not start without the <option>-stayalive</option> option.</para> 411 412 <!-- 681 413 <screen><literal>Aug 22 21:40:21 dps10 xinetd[2696]: Server /usr/sbin/in.rlogind is not 682 414 executable [line=29] … … 689 421 <command>xinetd</command> is trying to control are not 690 422 installed yet.</para> 691 423 --> 692 424 </sect3> 693 425
Note:
See TracChangeset
for help on using the changeset viewer.