Changeset c0b5bba for postlfs/security
- Timestamp:
- 07/12/2014 03:43:47 AM (10 years ago)
- Branches:
- gnome
- Children:
- a998e97
- Parents:
- 01dfd54
- Location:
- postlfs/security
- Files:
-
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
postlfs/security/libcap.xml
r01dfd54 rc0b5bba 69 69 <sect2 role="installation"> 70 70 <title>Installation of libcap</title> 71 72 <note> 73 <para> 74 Systemd users don't need to install this package since it has 75 already been installed as part of LFS. 76 </para> 77 </note> 71 78 72 79 <para>Install <application>libcap</application> by running the following -
postlfs/security/mitkrb.xml
r01dfd54 rc0b5bba 474 474 475 475 <indexterm zone="mitkrb mitkrb-init"> 476 <primary sortas="f-krb5">krb5</primary> 477 </indexterm> 478 479 <screen role="root"><userinput>make install-krb5</userinput></screen> 480 481 </sect3> 482 483 484 <sect3 id="mitkrb-init-systemd"> 485 <title>Systemd Unit File</title> 486 487 <note> 488 <para> 489 Note that Kerberos KDC server needs to be configured first, so don't 490 install systemd units unless krb5kdc has been tested to work according to 491 the BLFS instructions. The install process installs 3 units, one for krb5kdc, 492 one for kpropd the Kerberos Propagation Server and the one for kadmind 493 the Kerberos Admin Server. 494 </para> 495 </note> 496 497 <para> 498 Instead of using the classic boot script, the systemd-units package 499 provides native unit files. 500 Install the Systemd Unit included in the <xref linkend="systemd-units"/> 501 package using the following command: 502 </para> 503 504 <indexterm zone="mitkrb mitkrb-init-systemd"> 476 505 <primary sortas="f-krb5">krb5</primary> 477 506 </indexterm> -
postlfs/security/openssh.xml
r01dfd54 rc0b5bba 316 316 <screen role="root"><userinput>make install-sshd</userinput></screen> 317 317 </sect3> 318 319 <sect3 id="openssh-init-systemd"> 320 <title>Systemd Unit File</title> 321 322 <para> 323 Instead of using the classic boot script, the systemd-units package provides 324 native unit files. To start the SSH server at system boot, install the 325 systemd unit included in the <xref linkend="systemd-units"/> package.as the 326 <systemitem class="username">root</systemitem> user: 327 </para> 328 329 <indexterm zone="openssh openssh-init-systemd"> 330 <primary sortas="f-sshd">sshd</primary> 331 </indexterm> 332 333 <screen role="root"><userinput>make install-sshd</userinput></screen> 334 335 <note> 336 <para> 337 Note that this package comes with two types of units: A service file and a socket file. 338 The service file will start sshd daemon once at boot and it will keep running until the 339 system shuts down. The socket file will make systemd listen to sshd port (Default 22, needs 340 to be edited for anything else) and will start sshd daemon when something tries to connect 341 to that port and stop the daemon when the connection is terminated. This is 342 called socket activation. 343 344 By default, the first method is used - sshd daemon is started at boot and stopped at shutdown. 345 If the socket method is desired, you need to run as the <systemitem class="username">root</systemitem> user: 346 347 348 <screen role="root"> 349 350 <userinput> 351 352 systemctl stop sshd && 353 systemctl disable sshd.service && 354 systemctl enable sshd.socket && 355 systemctl start sshd.socket 356 357 </userinput> 358 </screen> 359 360 </para> 361 </note> 362 </sect3> 363 318 364 </sect2> 319 365 -
postlfs/security/polkit.xml
r01dfd54 rc0b5bba 90 90 <xref linkend="DocBook"/>, 91 91 <xref linkend="docbook-xsl"/>, 92 <xref linkend="gtk-doc"/>, 93 <xref linkend="libxslt"/> and 92 <xref linkend="gtk-doc"/>, and 93 <xref linkend="libxslt"/> 94 </para> 95 96 <bridgehead renderas="sect4">Optional (Required if using systemd and building GNOME)</bridgehead> 97 <para role="optional"> 94 98 <xref linkend="linux-pam"/> 95 99 </para> 100 101 <note> 102 <para> 103 This package will link against systemd libraries by default, since they are always installed 104 and in doing that, it doesn't require ConsoleKit anymore. 105 </para> 106 </note> 96 107 97 108 <note> … … 162 173 replace "no" by "yes". 163 174 </para> 175 176 <note> 177 <para> 178 Systemd users, if this package is going to be used, ie on desktops or if an 179 user wants to grant unprivileged users to be able to shut down, 180 reboot, etc the systemd PAM module needs to be built and set up. 181 It is also a good idea to build Polkit with PAM support, so the Polkit can take 182 advantage of the PAM module, so you need to remove the below parameter from 183 the configure line, and create the PAM file mentioned in the configuration section. 184 </para> 185 </note> 164 186 165 187 <para> -
postlfs/security/stunnel.xml
r01dfd54 rc0b5bba 241 241 242 242 <screen role="root"><userinput>make install-stunnel</userinput></screen> 243 244 </sect3> 245 246 <sect3 id="stunnel-init-systemd"> 247 <title>Systemd Unit File</title> 248 249 <para>This package provides a systemd unit in the source tarball. 250 To install it run the following commands as the 251 <systemitem class="username">root</systemitem> user: 252 </para> 253 <indexterm zone="stunnel stunnel-init-systemd"> 254 <primary sortas="f-stunnel">stunnel</primary> 255 </indexterm> 256 257 <para>Remove an unnecessary dependency:</para> 258 259 <screen role="root"><userinput>sed -i /syslog.target/d tools/stunnel.service</userinput></screen> 260 261 <para>Install the service:</para> 262 263 <screen role="root"><userinput>install -v -m644 tools/stunnel.service /lib/systemd/system/stunnel.service</userinput></screen> 264 265 <para>Enable the service:</para> 266 267 <screen role="root"><userinput>systemctl enable stunnel</userinput></screen> 243 268 244 269 </sect3>
Note:
See TracChangeset
for help on using the changeset viewer.