Changeset bc6e56d for postlfs/security
- Timestamp:
- 08/01/2012 12:04:22 PM (12 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 12.2, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gimp3, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/for-12.3, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/spidermonkey128, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 2da85d11
- Parents:
- f2d2b62
- Location:
- postlfs/security
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
postlfs/security/openssh.xml
rf2d2b62 rbc6e56d 85 85 <para role="optional"> 86 86 <xref linkend="linux-pam"/>, 87 <xref linkend="tcpwrappers"/>,88 87 <xref linkend="x-window-system"/>, 89 88 <xref linkend="mitkrb"/>, … … 96 95 <bridgehead renderas="sect4">Optional Runtime (Used only to gather entropy)</bridgehead> 97 96 <para role="optional"> 98 <xref linkend="openjdk"/> <!-- or <xref linkend="jdk"/>-->,97 <xref linkend="openjdk"/>, 99 98 <xref linkend="net-tools"/> and 100 99 <xref linkend="sysstat"/>. … … 123 122 useradd -c 'sshd PrivSep' -d /var/lib/sshd -g sshd \ 124 123 -s /bin/false -u 50 sshd</userinput></screen> 125 126 <para>127 <application>OpenSSH</application> is very sensitive to changes in the128 linked <application>OpenSSL</application> libraries. If you recompile129 <application>OpenSSL</application>, <application>OpenSSH</application> may130 fail to start up. An alternative is to link against the static131 <application>OpenSSL</application> library. To link against the static132 library, execute the following command:133 </para>134 135 <screen><userinput>sed -i 's@-lcrypto@/usr/lib/libcrypto.a -ldl@' configure</userinput></screen>136 124 137 125 <para> … … 149 137 150 138 <para> 151 If you linked <application>tcp_wrappers</application> into the build using 152 the <option>--with-tcp-wrappers</option> parameter, ensure you add 153 127.0.0.1 to the sshd line in <filename>/etc/hosts.allow</filename> if you 154 have a restrictive <filename>/etc/hosts.deny</filename> file, or the test 155 suite will fail. Additionally, the testsuite requires an installed copy of 156 <command>scp</command> to complete the multiplexing tests. To run the test 157 suite, first copy the scp program to 158 <filename class="directory">/usr/bin</filename>, making sure that you back 159 up any existing copy first. 139 The testsuite requires an installed copy of <command>scp</command> to 140 complete the multiplexing tests. To run the test suite, first copy the 141 <command>scp</command> program to 142 <filename class="directory">/usr/bin</filename>, making sure that you 143 back up any existing copy first. 160 144 </para> 161 145 -
postlfs/security/security.xml
rf2d2b62 rbc6e56d 68 68 <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="stunnel.xml"/> 69 69 <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="sudo.xml"/> 70 <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="tcpwrappers.xml"/>71 70 <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="tripwire.xml"/> 72 71 -
postlfs/security/stunnel.xml
rf2d2b62 rbc6e56d 75 75 <bridgehead renderas="sect4">Required</bridgehead> 76 76 <para role="required"><xref linkend="openssl"/></para> 77 78 <bridgehead renderas="sect4">Optional</bridgehead>79 <para role="optional"><xref linkend="tcpwrappers"/></para>80 77 81 78 <para condition="html" role="usernotes">User Notes:
Note:
See TracChangeset
for help on using the changeset viewer.