diff options
| author | rwatson <rwatson@FreeBSD.org> | 2003-11-28 18:47:45 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2003-11-28 18:47:45 +0000 |
| commit | e983c8d12df02353a044c03cba700a236381ae1f (patch) | |
| tree | 7438a7ba82574b8c95f31336320c09863c426e53 /usr.sbin/sade/install.c | |
| parent | 769360c4407229ea650d8944b6bdd883adcdf365 (diff) | |
| download | FreeBSD-src-e983c8d12df02353a044c03cba700a236381ae1f.zip FreeBSD-src-e983c8d12df02353a044c03cba700a236381ae1f.tar.gz | |
Remove security profiles from sysinstall. Currently, security profile
selection is used to drive two configuration parameters:
(1) Default enable/disable for sshd
(2) Default enable/disable for securelevels
Replace this with an explicit choice to enable/disable sshd. A
follow-up commit will add a configuration option to the Security
post-install configuration menu to set the securelevel in rc.conf
explicitly. This should reduce the level of foot-shooting associated
with accidental enabling of securelevels, make the nature and
implications of the securelevel configuration options more explicit,
as well as make the choice to enable/disable sshd more explicit.
Approved by: re (scottl)
Diffstat (limited to 'usr.sbin/sade/install.c')
| -rw-r--r-- | usr.sbin/sade/install.c | 15 |
1 files changed, 4 insertions, 11 deletions
diff --git a/usr.sbin/sade/install.c b/usr.sbin/sade/install.c index 4d063d2..3d5a7bd 100644 --- a/usr.sbin/sade/install.c +++ b/usr.sbin/sade/install.c @@ -529,8 +529,6 @@ installExpress(dialogMenuItem *self) if (DITEM_STATUS((i = installCommit(self))) == DITEM_SUCCESS) { i |= DITEM_LEAVE_MENU; - /* Set default security level */ - configSecurityModerate(NULL); /* Give user the option of one last configuration spree */ installConfigure(); @@ -622,6 +620,10 @@ nodisks: configInetd(self); dialog_clear_norefresh(); + if (!msgNoYes("Would you like to enable SSH login?")) + variable_set2("sshd_enable", "YES", 1); + + dialog_clear_norefresh(); if (!msgNoYes("Do you want to have anonymous FTP access to this machine?")) configAnonFTP(self); @@ -633,12 +635,6 @@ nodisks: if (!msgNoYes("Do you want to configure this machine as an NFS client?")) variable_set2("nfs_client_enable", "YES", 1); - if (!msgNoYes("Do you want to select a default security profile for\n" - "this host (select No for \"moderate\" security)?")) - configSecurityProfile(self); - else - configSecurityModerate(self); - #ifdef WITH_SYSCONS dialog_clear_norefresh(); if (!msgNoYes("Would you like to customize your system console settings?")) @@ -720,9 +716,6 @@ installCustomCommit(dialogMenuItem *self) i = installCommit(self); if (DITEM_STATUS(i) == DITEM_SUCCESS) { - /* Set default security level */ - configSecurityModerate(NULL); - /* Give user the option of one last configuration spree */ installConfigure(); return i; |
