summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--usr.sbin/sade/config.c33
-rw-r--r--usr.sbin/sade/dispatch.c1
-rw-r--r--usr.sbin/sade/install.c4
-rw-r--r--usr.sbin/sade/menus.c3
-rw-r--r--usr.sbin/sade/sade.h1
-rw-r--r--usr.sbin/sysinstall/anonFTP.c13
-rw-r--r--usr.sbin/sysinstall/config.c33
-rw-r--r--usr.sbin/sysinstall/dispatch.c1
-rw-r--r--usr.sbin/sysinstall/install.c4
-rw-r--r--usr.sbin/sysinstall/menus.c3
-rw-r--r--usr.sbin/sysinstall/sysinstall.h1
11 files changed, 95 insertions, 2 deletions
diff --git a/usr.sbin/sade/config.c b/usr.sbin/sade/config.c
index 41a8907..56ffede 100644
--- a/usr.sbin/sade/config.c
+++ b/usr.sbin/sade/config.c
@@ -955,6 +955,39 @@ configPCNFSD(dialogMenuItem *self)
}
int
+configInetd(dialogMenuItem *self)
+{
+ char cmd[256];
+
+ WINDOW *w = savescr();
+
+ if (msgYesNo("The Internet Super Server (inetd) allows a number of simple Internet\n"
+ "services to be enabled, including finger, ftp, and telnetd. Enabling\n"
+ "these services may increase risk of security problems by increasing\n"
+ "the exposure of your system.\n\n"
+ "With this in mind, do you wish to enable inetd?\n")) {
+ variable_set2("inetd_enable", "NO", 1);
+ } else {
+ /* If inetd is enabled, we'll need an inetd.conf */
+
+ if (!msgYesNo("inetd(8) relies on its configuration file, /etc/inetd.conf, to determine\n"
+ "which of its Internet services will be available. The default FreeBSD\n"
+ "inetd.conf(5) leaves all services disabled by default, so they must be\n"
+ "specifically enabled in the configuration file before they will\n"
+ "function, even once inetd(8) is enabled. Note that services for\n"
+ "IPv6 must be seperately enabled from IPv4 services.\n\n"
+ "Select [Yes] now to invoke an editor on /etc/inetd.conf, or [No] to\n"
+ "use the current settings.\n")) {
+ sprintf(cmd, "%s /etc/inetd.conf", variable_get(VAR_EDITOR));
+ dialog_clear();
+ systemExecute(cmd);
+ variable_set2("inetd_enable", "YES", 1);
+ }
+ }
+ restorescr(w);
+}
+
+int
configNFSServer(dialogMenuItem *self)
{
char cmd[256];
diff --git a/usr.sbin/sade/dispatch.c b/usr.sbin/sade/dispatch.c
index 0d1a67c..cc87f2b 100644
--- a/usr.sbin/sade/dispatch.c
+++ b/usr.sbin/sade/dispatch.c
@@ -52,6 +52,7 @@ static struct _word {
} resWords[] = {
{ "configAnonFTP", configAnonFTP },
{ "configRouter", configRouter },
+ { "configInetd", configInetd },
{ "configNFSServer", configNFSServer },
{ "configNTP", configNTP },
{ "configPCNFSD", configPCNFSD },
diff --git a/usr.sbin/sade/install.c b/usr.sbin/sade/install.c
index b53cb48..fa9231d 100644
--- a/usr.sbin/sade/install.c
+++ b/usr.sbin/sade/install.c
@@ -573,6 +573,10 @@ nodisks:
variable_set2("gateway_enable", "YES", 1);
dialog_clear_norefresh();
+ if (!msgNoYes("Do you want to configure inetd and simple internet services?"))
+ configInetd(self);
+
+ dialog_clear_norefresh();
if (!msgNoYes("Do you want to have anonymous FTP access to this machine?"))
configAnonFTP(self);
diff --git a/usr.sbin/sade/menus.c b/usr.sbin/sade/menus.c
index abc223f..5e3750c 100644
--- a/usr.sbin/sade/menus.c
+++ b/usr.sbin/sade/menus.c
@@ -235,6 +235,7 @@ DMenu MenuIndex = {
{ " FTP sites", "The FTP mirror site listing.", NULL, dmenuSubmenu, NULL, &MenuMediaFTP },
{ " Gateway", "Set flag to route packets between interfaces.", dmenuVarCheck, dmenuToggleVariable, NULL, "gateway=YES" },
{ " HTML Docs", "The HTML documentation menu", NULL, docBrowser },
+ { " inetd Configuration", "Configure inetd and simple internet services.", dmenuVarCheck, configInetd, NULL, "inetd_enable=YES" },
{ " Install, Standard", "A standard system installation.", NULL, installStandard },
{ " Install, Express", "An express system installation.", NULL, installExpress },
{ " Install, Custom", "The custom installation menu", NULL, dmenuSubmenu, NULL, &MenuInstallCustom },
@@ -1332,7 +1333,7 @@ DMenu MenuNetworking = {
{ " Gateway", "This machine will route packets between interfaces",
dmenuVarCheck, dmenuToggleVariable, NULL, "gateway_enable=YES" },
{ " inetd", "This machine wants to run the inet daemon",
- dmenuVarCheck, dmenuToggleVariable, NULL, "inetd_enable=YES" },
+ dmenuVarCheck, configInetd, NULL, "inetd_enable=YES" },
{ " NFS client", "This machine will be an NFS client",
dmenuVarCheck, dmenuToggleVariable, NULL, "nfs_client_enable=YES" },
{ " NFS server", "This machine will be an NFS server",
diff --git a/usr.sbin/sade/sade.h b/usr.sbin/sade/sade.h
index 6c9ed8f..14d1b95 100644
--- a/usr.sbin/sade/sade.h
+++ b/usr.sbin/sade/sade.h
@@ -447,6 +447,7 @@ extern int configXSetup(dialogMenuItem *self);
extern int configXDesktop(dialogMenuItem *self);
extern int configRouter(dialogMenuItem *self);
extern int configPCNFSD(dialogMenuItem *self);
+extern int configInetd(dialogMenuItem *self);
extern int configNFSServer(dialogMenuItem *self);
extern int configWriteRC_conf(dialogMenuItem *self);
extern int configSecurityProfile(dialogMenuItem *self);
diff --git a/usr.sbin/sysinstall/anonFTP.c b/usr.sbin/sysinstall/anonFTP.c
index 5291207..7606be2 100644
--- a/usr.sbin/sysinstall/anonFTP.c
+++ b/usr.sbin/sysinstall/anonFTP.c
@@ -238,6 +238,19 @@ int
configAnonFTP(dialogMenuItem *self)
{
int i;
+
+
+ if (msgYesNo("Anonymous FTP permits un-authenticated users to connect to the system\n"
+ "FTP server, if FTP service is enabled. Anonymous users are\n"
+ "restricted to a specific subset of the file system, and the default\n"
+ "configuration provides a drop-box incoming directory to which uploads\n"
+ "are permitted. You must seperately enable both inetd(8), and enable\n"
+ "ftpd(8) in inetd.conf(5) for FTP services to be available. If you\n"
+ "did not do so earlier, you will have the opportunity to enable inetd(8)\n"
+ "again later.\n\n"
+ "Do you wish to continue configuring anonymous FTP?")) {
+ return DITEM_FAILURE;
+ }
/* Be optimistic */
i = DITEM_SUCCESS;
diff --git a/usr.sbin/sysinstall/config.c b/usr.sbin/sysinstall/config.c
index 41a8907..56ffede 100644
--- a/usr.sbin/sysinstall/config.c
+++ b/usr.sbin/sysinstall/config.c
@@ -955,6 +955,39 @@ configPCNFSD(dialogMenuItem *self)
}
int
+configInetd(dialogMenuItem *self)
+{
+ char cmd[256];
+
+ WINDOW *w = savescr();
+
+ if (msgYesNo("The Internet Super Server (inetd) allows a number of simple Internet\n"
+ "services to be enabled, including finger, ftp, and telnetd. Enabling\n"
+ "these services may increase risk of security problems by increasing\n"
+ "the exposure of your system.\n\n"
+ "With this in mind, do you wish to enable inetd?\n")) {
+ variable_set2("inetd_enable", "NO", 1);
+ } else {
+ /* If inetd is enabled, we'll need an inetd.conf */
+
+ if (!msgYesNo("inetd(8) relies on its configuration file, /etc/inetd.conf, to determine\n"
+ "which of its Internet services will be available. The default FreeBSD\n"
+ "inetd.conf(5) leaves all services disabled by default, so they must be\n"
+ "specifically enabled in the configuration file before they will\n"
+ "function, even once inetd(8) is enabled. Note that services for\n"
+ "IPv6 must be seperately enabled from IPv4 services.\n\n"
+ "Select [Yes] now to invoke an editor on /etc/inetd.conf, or [No] to\n"
+ "use the current settings.\n")) {
+ sprintf(cmd, "%s /etc/inetd.conf", variable_get(VAR_EDITOR));
+ dialog_clear();
+ systemExecute(cmd);
+ variable_set2("inetd_enable", "YES", 1);
+ }
+ }
+ restorescr(w);
+}
+
+int
configNFSServer(dialogMenuItem *self)
{
char cmd[256];
diff --git a/usr.sbin/sysinstall/dispatch.c b/usr.sbin/sysinstall/dispatch.c
index 0d1a67c..cc87f2b 100644
--- a/usr.sbin/sysinstall/dispatch.c
+++ b/usr.sbin/sysinstall/dispatch.c
@@ -52,6 +52,7 @@ static struct _word {
} resWords[] = {
{ "configAnonFTP", configAnonFTP },
{ "configRouter", configRouter },
+ { "configInetd", configInetd },
{ "configNFSServer", configNFSServer },
{ "configNTP", configNTP },
{ "configPCNFSD", configPCNFSD },
diff --git a/usr.sbin/sysinstall/install.c b/usr.sbin/sysinstall/install.c
index b53cb48..fa9231d 100644
--- a/usr.sbin/sysinstall/install.c
+++ b/usr.sbin/sysinstall/install.c
@@ -573,6 +573,10 @@ nodisks:
variable_set2("gateway_enable", "YES", 1);
dialog_clear_norefresh();
+ if (!msgNoYes("Do you want to configure inetd and simple internet services?"))
+ configInetd(self);
+
+ dialog_clear_norefresh();
if (!msgNoYes("Do you want to have anonymous FTP access to this machine?"))
configAnonFTP(self);
diff --git a/usr.sbin/sysinstall/menus.c b/usr.sbin/sysinstall/menus.c
index abc223f..5e3750c 100644
--- a/usr.sbin/sysinstall/menus.c
+++ b/usr.sbin/sysinstall/menus.c
@@ -235,6 +235,7 @@ DMenu MenuIndex = {
{ " FTP sites", "The FTP mirror site listing.", NULL, dmenuSubmenu, NULL, &MenuMediaFTP },
{ " Gateway", "Set flag to route packets between interfaces.", dmenuVarCheck, dmenuToggleVariable, NULL, "gateway=YES" },
{ " HTML Docs", "The HTML documentation menu", NULL, docBrowser },
+ { " inetd Configuration", "Configure inetd and simple internet services.", dmenuVarCheck, configInetd, NULL, "inetd_enable=YES" },
{ " Install, Standard", "A standard system installation.", NULL, installStandard },
{ " Install, Express", "An express system installation.", NULL, installExpress },
{ " Install, Custom", "The custom installation menu", NULL, dmenuSubmenu, NULL, &MenuInstallCustom },
@@ -1332,7 +1333,7 @@ DMenu MenuNetworking = {
{ " Gateway", "This machine will route packets between interfaces",
dmenuVarCheck, dmenuToggleVariable, NULL, "gateway_enable=YES" },
{ " inetd", "This machine wants to run the inet daemon",
- dmenuVarCheck, dmenuToggleVariable, NULL, "inetd_enable=YES" },
+ dmenuVarCheck, configInetd, NULL, "inetd_enable=YES" },
{ " NFS client", "This machine will be an NFS client",
dmenuVarCheck, dmenuToggleVariable, NULL, "nfs_client_enable=YES" },
{ " NFS server", "This machine will be an NFS server",
diff --git a/usr.sbin/sysinstall/sysinstall.h b/usr.sbin/sysinstall/sysinstall.h
index 6c9ed8f..14d1b95 100644
--- a/usr.sbin/sysinstall/sysinstall.h
+++ b/usr.sbin/sysinstall/sysinstall.h
@@ -447,6 +447,7 @@ extern int configXSetup(dialogMenuItem *self);
extern int configXDesktop(dialogMenuItem *self);
extern int configRouter(dialogMenuItem *self);
extern int configPCNFSD(dialogMenuItem *self);
+extern int configInetd(dialogMenuItem *self);
extern int configNFSServer(dialogMenuItem *self);
extern int configWriteRC_conf(dialogMenuItem *self);
extern int configSecurityProfile(dialogMenuItem *self);
OpenPOWER on IntegriCloud