Date: Thu, 25 Jan 1996 16:27:46 -0800 From: Gord Broom <gjbroom@kinsella.csc.UVic.CA> To: FreeBSD-gnats-submit@freebsd.org Subject: conf/972: inetd.conf should comment out k-services if no Kerberos present Message-ID: <199601260027.QAA21837@kinsella.csc.UVic.CA> Resent-Message-ID: <199601260030.QAA21137@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 972 >Category: conf >Synopsis: inetd.conf should comment out k-services if no Kerberos present >Confidential: yes >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Class: support >Submitter-Id: current-users >Arrival-Date: Thu Jan 25 16:30:01 PST 1996 >Last-Modified: >Originator: Gord Broom <gjbroom@csc.UVic.CA> Research Programmer, University of Victoria >Organization: Gord Broom Programmer/Analyst Department of Computer Science, University of Victoria, CANADA <gjbroom@csc.UVic.CA> "Sure, alcohol kills brain cells. But only the weak ones." >Release: FreeBSD 2.1-STABLE i386 >Environment: Any CD-ROM installation. >Description: By default, the CD-ROM doesn't contain any DES or kerberos code. People in the USA and Canada can legally FTP the missing bits from ftp.freebsd.org and install them. If you install kerb on one machine but not another, remote logins to the unkerb-ed machine will fail because inetd.conf thinks that kerberos is there. >How-To-Repeat: Add the kerberos package to one system but not another, try to rlogin from the kerberized one. >Fix: Comment out the offending lines from inetd.conf Here's a patch to do just that: *** inetd.conf Thu Jan 25 16:20:08 1996 --- inetd.conf.new Thu Jan 25 16:20:36 1996 *************** *** 27,36 **** #daytime dgram udp wait root internal #time dgram udp wait root internal # Kerberos authenticated services ! klogin stream tcp nowait root /usr/libexec/rlogind rlogind -k ! eklogin stream tcp nowait root /usr/libexec/rlogind rlogind -k -x ! kshell stream tcp nowait root /usr/libexec/rshd rshd -k ! rkinit stream tcp nowait root /usr/libexec/rkinitd rkinitd # Services run ONLY on the Kerberos server # Neither of these work in FreeBSD 1.x. #krbupdate stream tcp nowait root /usr/libexec/registerd registerd --- 27,36 ---- #daytime dgram udp wait root internal #time dgram udp wait root internal # Kerberos authenticated services ! #klogin stream tcp nowait root /usr/libexec/rlogind rlogind -k ! #eklogin stream tcp nowait root /usr/libexec/rlogind rlogind -k -x ! #kshell stream tcp nowait root /usr/libexec/rshd rshd -k ! #rkinit stream tcp nowait root /usr/libexec/rkinitd rkinitd # Services run ONLY on the Kerberos server # Neither of these work in FreeBSD 1.x. #krbupdate stream tcp nowait root /usr/libexec/registerd registerd >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199601260027.QAA21837>