by providing the opportunity to edit inetd.conf during the system
installation process. The following modifications were made:
(1) Expand the Anonymous FTP description dialog to indicate that inetd
and ftpd must be enabled before it can be used.
(2) Introduce a new configInetd() pair of dialogs, the first describing
inetd, giving a couple of examples of services that require it, and
hinting at potential risk, then asking the user if they wish to
enable it. The second indicates that inetd.conf must be configured
to enabled specific services, and asks if the user would like to
load inetd.conf into the editor to modify it. Add this
configuration action to the index.
There are some further improvements that might be considered:
(1) Provide a more inetd.conf-specific configuration tool that speaks
inetd.conf(5). However, this is made difficult by the "yet another
configuration format" nature of inetd.conf, as well as its use of
commenting to disable services, rather than an in-syntax way to
disable a service without commenting it out. Submissions here
would probably be welcome.
(2) There's some overlap between settings in the somewhat obtuse
Security Profile mechanism and other settings, including the inetd
setting, and NFS server configuration. As features become
individually tunable, they should probably be removed from the
security profile mechanism. Otherwise, somewhat counter-intuitively,
sysinstall (in practice) queries multiple times whether inetd, nfsd,
etc, should be enabled/disabled. A possible future direction might
be to drive profiles not by degree of paranoia, rather, the set
of services desired. Or simply to remove the Security Profile
mechanism and resort to feature-driven configuration.
Reviewed by: imp, chris, jake, nate, -arch, -stable
names suggest, they perform methods on Device's. In addition, they
check that the pointer passed to them is valid; if it isn't, they
pretend that the action failed. This fixes some crashes due to NULL
dereferences (e.g., PR 26509).
Approved by: jkh (some time ago)
appropriate(?) defaults for "low", "medium" and "high" security
environments. Medium is basically what we currently have with a little
seat-belt tightening where it made sense. Low is the same as medium but
without the tightening. High is positively fascist with nothing turned
on by default and an automatic call to 911 if it can find a modem.
as redoing all the menus to have proper, or at least non-hallucinogenic,
keyboard accelerators.
This requires my recent update to libdialog to work properly and will
probably also exhibit some other "interesting" behavior while the last
few missing screen clears are found (which is why I'm not going to MFC
immediately). At least now, however, sysinstall does not gratuitously
redraw random screens at the drop of a hat and drive serial console
installers out of their minds.
feature of packages now so that no version info is embedded.
o Add a default X desktop menu offering afterstep, enlightenment, KDE, GNOME
and Windowmaker desktops instead of the boring twm(1) based one if the
user so chooses. This will require a little testing.
Now we know which variables are internal and which need to be
backed to /etc/rc.conf.site. rc.conf is not touched now.
Also kget kernel change information back properly and set up a loader.rc
file to use it.
o Move fixups into extraction routine so all consumers don't have to duplicate
the right behavior.
o Make some things more orthogonal (just for asthetics sake)
o Add option to go back and do it again if XF86Setup fails (possibly with
a different setup - this one has always annoyed me).
so you don't need to re-enter it for each and every filesystem. Heads up!
This change is incompatible with the previous scripting format,
so those folks (all 2 of you) using config files should take a look
at the changes to the sample install.cfg file for the diskLabelEditor's
new calling syntax.
Finally write a man page for this thing, documenting all of the above
and more. I can't drive a stake through this thing's heart without
properly documenting it first, so please consider this step #1 in that
process (to be honest, sysinstall will also live on for some time in
the 2.2. branch since it's unlikely that the new install tools will ever
make it over there - they're strictly 3.0 material).
those ideas that, like the Apache server setup, was well-intentioned
but doomed to fail in the face of change. That and the fact that it
shouldn't be part of the installation tool, it should be part of the
post-installation setup tool (which we need to write). Combining the
two utilities into one utility was my first conceptual mistake.
Apologies also to Coranth Gryphon, who worked hard on the Apache
and Samba server setup code. These features were quite useful
for awhile, if that's any consolation, I just simply had the wrong
ideas about where to put them. :-(
Add a system command to script mechanism (so you can call things like
tzsetup from scripts).
Add noError variable for causing script errors to be ignored.
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
place (sysinstall.h) when packages change rev.
Change the way that the routing daemon is configured entirely, to
placate Joerg. Also auto-load gated if it's specified, while we're at it.
in one place, leaking memory in another).
Add a facility to invoke subsystems directly by naming them on
sysinstall's command-line when running post-install. A replacement
for pkg_manage might, for example, be `/stand/sysinstall configPackages'
Fix bogon where upgrade shell was entered with tty modes spammed.
Fix bug with release name checking in ftp_strat. Turned a bunch of
bogus exit()s into proper calls to systemShutdown().