summaryrefslogtreecommitdiffstats
path: root/usr.sbin/sysinstall/dispatch.c
diff options
context:
space:
mode:
authorrwatson <rwatson@FreeBSD.org>2001-08-02 03:25:16 +0000
committerrwatson <rwatson@FreeBSD.org>2001-08-02 03:25:16 +0000
commit1e1af75f40ca41406710beb9b92dce84af3e8325 (patch)
tree69a33c016d59b2712939bd3387495c538e03fe8c /usr.sbin/sysinstall/dispatch.c
parent4f9a35a47bfc7ab2e2bd6a15305928d80f80536c (diff)
downloadFreeBSD-src-1e1af75f40ca41406710beb9b92dce84af3e8325.zip
FreeBSD-src-1e1af75f40ca41406710beb9b92dce84af3e8325.tar.gz
Compensate for default disabling of network services in inetd.conf(5)
by providing the opportunity to edit inetd.conf during the system installation process. The following modifications were made: (1) Expand the Anonymous FTP description dialog to indicate that inetd and ftpd must be enabled before it can be used. (2) Introduce a new configInetd() pair of dialogs, the first describing inetd, giving a couple of examples of services that require it, and hinting at potential risk, then asking the user if they wish to enable it. The second indicates that inetd.conf must be configured to enabled specific services, and asks if the user would like to load inetd.conf into the editor to modify it. Add this configuration action to the index. There are some further improvements that might be considered: (1) Provide a more inetd.conf-specific configuration tool that speaks inetd.conf(5). However, this is made difficult by the "yet another configuration format" nature of inetd.conf, as well as its use of commenting to disable services, rather than an in-syntax way to disable a service without commenting it out. Submissions here would probably be welcome. (2) There's some overlap between settings in the somewhat obtuse Security Profile mechanism and other settings, including the inetd setting, and NFS server configuration. As features become individually tunable, they should probably be removed from the security profile mechanism. Otherwise, somewhat counter-intuitively, sysinstall (in practice) queries multiple times whether inetd, nfsd, etc, should be enabled/disabled. A possible future direction might be to drive profiles not by degree of paranoia, rather, the set of services desired. Or simply to remove the Security Profile mechanism and resort to feature-driven configuration. Reviewed by: imp, chris, jake, nate, -arch, -stable
Diffstat (limited to 'usr.sbin/sysinstall/dispatch.c')
-rw-r--r--usr.sbin/sysinstall/dispatch.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/usr.sbin/sysinstall/dispatch.c b/usr.sbin/sysinstall/dispatch.c
index 0d1a67c..cc87f2b 100644
--- a/usr.sbin/sysinstall/dispatch.c
+++ b/usr.sbin/sysinstall/dispatch.c
@@ -52,6 +52,7 @@ static struct _word {
} resWords[] = {
{ "configAnonFTP", configAnonFTP },
{ "configRouter", configRouter },
+ { "configInetd", configInetd },
{ "configNFSServer", configNFSServer },
{ "configNTP", configNTP },
{ "configPCNFSD", configPCNFSD },
OpenPOWER on IntegriCloud