| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
no longer the correct way to have qmail handle incoming qmail smtp
connections. Also provide a url to the correct method.
|
| |
|
|
|
|
| |
about the --allow-root switch.
PR: 14463
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
example of their usage in the sample config. Merge the two examples
for the green internal auth service.
This commit failed the first time around because Brian beat me to the
punch on inetd.8 . I like my descriptions better and I'm pretty sure
Brian won't mind.
|
| |
|
|
|
|
| |
at least for now. I relegated the getcred sysctls to only root, but if
they're deemed to be "allowable" to export to users, I'll do so and
revert this change.
|
| |
|
|
|
|
| |
configuration file.
Requested by: green
|
| |
|
|
|
|
| |
the make variable REAL_IDENT, and ~/.fakeid support can be added
with FAKEID set. Note that the default behavior is the same as
the old behavior.
|
| |
|
|
| |
runned as root again, not kmem:kmem
|
| |
|
|
|
|
| |
mailbox contents. comsat instead simply prints that new mail is
available. Add appropriate comment to inetd.conf but leave comsat in
sandbox.
|
| |
|
|
|
|
|
|
|
|
| |
adjustd inetd.conf to run comsat and ntalk from tty sandbox, and
the (commented out) ident from the kmem sandbox.
Note that it is necessary to give each group access it's own uid to
prevent programs running under a single uid from being able to gdb
or otherwise mess with other programs (with different group perms) running
under the same uid.
|
| | |
|
| |
|
|
|
| |
runs only 3 simultaneous fingerd processes and
limit the connections-per-ip-per-minute to 10.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
the imap4 entry.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
if kerberos is installed. So far as I'm aware, kerberos aware clients
detect ECONNREFUSED and (if allowed) fall back to the non-kerberos
servers. They do not know how to interpret messages such as
"rlogind: unknown option -k".
I believe Garrett also mentioned this.
Unfortunately, this adds an extra step to bringing up kerberos.
It also stops /var/log/messages getting quite so many useless (and
confusing) error messages when somebody does a port scan on you.
|
| |
|
|
|
|
| |
Turn OFF the "small servers" by default. FreeBSD systems should only
serve actively used programs. Jewels like chargen and echo are too
useful in attack scenarios.
|
| | |
|
| |
|
|
|
|
|
| |
"hand", changed /etc/crontab to call /usr/sbin/newsyslog every hour
(the entry was there before - but we haven't had any newsyslog until
today :-) and changed /etc/inetd.conf to also contain (commentet out)
entries for rpc.rquotad and rpc.sprayd (taken from NetBSD)
|
| |
|
|
|
| |
people don't compromise their system by blindly un-commenting the
entry.
|
| |
|
|
|
|
|
| |
Add rkinit at 2108/tcp.
services:
Add rkinitd.
|
| |
|
|
|
| |
Submitted by:
Obtained from:
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
instead of /usr/local/etc/popper. The 2.0 installation installs it there.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Deleted commented-out line which would start mountd; that's not
the right pplace to do it (don't confuse the users).
Should probablyhave uncommented rpc.rstatd, but didn't.
|
| |
|
|
| |
Comment out walld/rusersd/rstatd, may be too verbose
|
| |
|
|
|
| |
Uncomment rstatd/rusersd/rwalld all three worked
mountd still commented out, I remember some problem with it
|
| |
|
|
| |
Added an example entry for the pop3 popper into inetd.conf as a comment.
|
| | |
|
| |
|
|
|
|
|
| |
running portmapper. These are site specific functionality and should only
be enabled for sites that want them, not by default.
These services REQUIRE portmapper to be running
|
| | |
|
| |
|
|
|
| |
dropped out of the Makefile. Commented out talk in inetd.conf since
it refers to the old non-existent otalkd.
|
| |
|
