From owner-freebsd-questions Mon Apr 22 14:25:12 2002
Delivered-To: freebsd-questions@freebsd.org
Message-ID: <000f01c1ea43$32da4bc0$6400a8c0@yafa>
From: "Moti Levy"
To: "Rafter Man"
References: <20020422094515.7442.qmail@linuxmail.org>
Subject: Re: [security] Re: Mysterious sshd "starting itself" at bootup
Date: Mon, 22 Apr 2002 17:18:07 -0400
Sender: owner-freebsd-questions@FreeBSD.ORG

just change the
local_startup="/usr/local/etc/rc.d /usr/X11R6/etc/rc.d"
to whatever you like ....

----- Original Message -----
From: "Rafter Man"
To:
Sent: Monday, April 22, 2002 5:45 AM
Subject: [security] Re: Mysterious sshd "starting itself" at bootup

> ----- Original Message -----
> From: "Peter Leftwich"
> > It was my understanding that the stuff in /etc/rc.network has some
> > dependencies on what the sysadmin has configured IN /etc/rc.conf as there
> > are some lines in my /etc/rc.network that say:
> >
> > case ${sshd_enable} in
> > [Yy][Ee][Ss])
> >
> > And some lines in my /etc/rc.conf that say:
> >
> > sshd_enable="NO" # Enable sshd
> >
> > ...which in other words would match the /etc/rc.network stuff above were it:
> >
> > case ${sshd_enable} in
> > [Nn][Oo])
>
> Maybe it is just me, but for security reasons I think that it should only be possible to start services
> from 1 file/place at bootup. So that you in /boot have a directory for the system bootup files (all of them)
> and one for user and other (programs and services) bootup files.
> This way ALL the boot files are in /boot and services like FTP, SMTP, SSH, HTTP can not be started
> by system files, but only by user/other files.
>
> Likewise I think that there should be a /etc/services directory with underdirectories like:
> /etc/services/ftp and ALL the configuration files for ftp should be there, but maybe I am
> the only one who likes it when things are sooooo simple.
>
> I am VERY pleased to see that FreeBSD 5.0 has put some order in the FreeBSD filesystem, but
> I still think there are too many examples of configuration files not "in place". Meaning
> that in order to set up (e.g.) sendmail, you have to study which bootfiles it writes to and
> where it puts all its own configuration files, things could be a lot easier if all were in
> "the right place".
>
> So when you install a service, e.g. sendmail, files go here:
> /boot/services/sendmail.sh (if the file is a script then run it)
> /etc/service/sendmail/ all sendmail's configuration files
> /usr/services/sendmail/ all sendmail's other files.
>
> Or is this just plain dumb?
>
> /rafter
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
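
An audit of the two boot-time start paths discussed in this thread (the sshd_enable test quoted from /etc/rc.network and the local_startup directories), added here as an example and not part of any poster's message. The function names and the temporary sample tree are constructed, and it is an assumption that rc runs every executable *.sh file in a local_startup directory without checking the service's _enable variable.

```shell
#!/bin/sh

# The test rc.network applies: only a case-insensitive "yes" enables.
is_enabled() {
    case "$1" in
        [Yy][Ee][Ss]) return 0 ;;
        *) return 1 ;;
    esac
}

# Last value assigned to variable $2 in rc.conf-style file $1. The file is
# parsed, never sourced, so the audit does not execute its contents.
rc_conf_value() {
    sed -n -e "s/^[[:space:]]*$2=\"\([^\"]*\)\".*/\1/p" \
           -e "s/^[[:space:]]*$2=\([^\"[:space:]#][^[:space:]#]*\).*/\1/p" "$1" |
        tail -n 1
}

# Executable *.sh files in the local_startup directories of rc.conf $1 that
# mention service $2. Assumption: rc runs such files at boot without
# consulting the <service>_enable variable.
startup_scripts() {
    for dir in $(rc_conf_value "$1" local_startup); do
        for script in "$dir"/*.sh; do
            if [ -f "$script" ] && [ -x "$script" ] &&
               grep -q -- "$2" "$script"; then
                echo "$script"
            fi
        done
    done
}

# One line per boot-time source for service $2, given rc.conf path $1.
boot_sources() {
    if is_enabled "$(rc_conf_value "$1" "${2}_enable")"; then
        echo "rc.conf: ${2}_enable is YES"
    fi
    startup_scripts "$1" "$2" | sed 's/^/local_startup: /'
}

# Constructed sample tree: sshd_enable="NO", yet a local script starts sshd.
root=$(mktemp -d)
mkdir -p "$root/rc.d"
printf '%s\n' 'sshd_enable="NO"   # Enable sshd' \
    "local_startup=\"$root/rc.d $root/missing\"" > "$root/rc.conf"
printf '#!/bin/sh\n/usr/local/sbin/sshd\n' > "$root/rc.d/sshd.sh"
printf '#!/bin/sh\n/usr/local/sbin/sshd\n' > "$root/rc.d/sshd.sh.sample"
chmod +x "$root/rc.d/sshd.sh"
boot_sources "$root/rc.conf" sshd
```

On the sample tree the only source reported is the executable sshd.sh under local_startup; the non-executable .sh.sample file and the missing directory are skipped.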