From 126215b8e1fefe0132b7a6fb3caf7c1c129287cb Mon Sep 17 00:00:00 2001 From: eivind Date: Fri, 28 Jul 2000 22:45:36 +0000 Subject: Change the defaults for portmap, sendmail and inetd to be not running them. Make sysinstall override this on install, so the effective behavioural change for a newly installed system is null. Overall, this makes a system with an empty /etc/rc.conf not run any network services, and makes the FreeBSD-provided network services that are running visible in /etc/rc.conf (instead of making people look through /etc/defaults/rc.conf to find the things they need to disable to secure the system.) Reviewed by: jhb Discussed with: The usual cabal --- usr.sbin/sade/config.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'usr.sbin/sade') diff --git a/usr.sbin/sade/config.c b/usr.sbin/sade/config.c index 3b3346b..b62fd27 100644 --- a/usr.sbin/sade/config.c +++ b/usr.sbin/sade/config.c @@ -387,6 +387,10 @@ configRC_conf(void) if (write_header) { fprintf(rcSite, "# This file now contains just the overrides from /etc/defaults/rc.conf\n"); fprintf(rcSite, "# please make all changes to this file.\n\n"); + fprintf(rcSite, "# Enable network daemons for user convenience.\n"); + fprintf(rcSite, "inetd_enable=\"YES\"\n"); + fprintf(rcSite, "portmap_enable=\"YES\"\n"); + fprintf(rcSite, "sendmail_enable=\"YES\"\n\b"); } /* Now do variable substitutions */ -- cgit v1.1