diff options
author | eivind <eivind@FreeBSD.org> | 2000-07-28 22:45:36 +0000 |
---|---|---|
committer | eivind <eivind@FreeBSD.org> | 2000-07-28 22:45:36 +0000 |
commit | 126215b8e1fefe0132b7a6fb3caf7c1c129287cb (patch) | |
tree | 75eeb0957eaaf26ae5e87f6a11a989b829b7811f /usr.sbin/sade | |
parent | 32619ababb1de7a86b431c2da6e1a4884f041f79 (diff) | |
download | FreeBSD-src-126215b8e1fefe0132b7a6fb3caf7c1c129287cb.zip FreeBSD-src-126215b8e1fefe0132b7a6fb3caf7c1c129287cb.tar.gz |
Change the defaults for portmap, sendmail and inetd to be not running them.
Make sysinstall override this on install, so the effective behavioural
change for a newly installed system is null. Overall, this makes a system
with an empty /etc/rc.conf not run any network services, and makes the
FreeBSD-provided network services that are running visible in /etc/rc.conf
(instead of making people look through /etc/defaults/rc.conf to find the
things they need to disable to secure the system.)
Reviewed by: jhb
Discussed with: The usual cabal
Diffstat (limited to 'usr.sbin/sade')
-rw-r--r-- | usr.sbin/sade/config.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/usr.sbin/sade/config.c b/usr.sbin/sade/config.c index 3b3346b..b62fd27 100644 --- a/usr.sbin/sade/config.c +++ b/usr.sbin/sade/config.c @@ -387,6 +387,10 @@ configRC_conf(void) if (write_header) { fprintf(rcSite, "# This file now contains just the overrides from /etc/defaults/rc.conf\n"); fprintf(rcSite, "# please make all changes to this file.\n\n"); + fprintf(rcSite, "# Enable network daemons for user convenience.\n"); + fprintf(rcSite, "inetd_enable=\"YES\"\n"); + fprintf(rcSite, "portmap_enable=\"YES\"\n"); + fprintf(rcSite, "sendmail_enable=\"YES\"\n\b"); } /* Now do variable substitutions */ |