d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8c489d725d
freebsd-dev/usr.sbin/sade
History
Robert Watson 4880db4afd Tweak "system security profiles: 
(1) Don't modify the configuration of the NFS server as a result of
    selecting a profile.  We already explicitly prompt for the NFS
    server configuration during install, and the user may not get
    much advance notice that we're turning it off again.  Instead,
    use profiles (for better or for worse) only for security tuning.

(2) Don't modify the sendmail setting as part of the security profile:
    use the default from /etc/defaults/rc.conf rather than explicitly
    specifying.  Note that the default in /etc/defaults/rc.conf is
    more conservative than the explicit rc.conf entry added by
    sysinstall during install, as it does not permit SMTP delivery.

(3) Update "congratulations on your profile" text to reflect these
    changes.

Note that security profiles now affect only the securelevel and sshd
settings.  My leaning would be to make sshd an explicit configuration
option, move securelevels to the security menu, and drop security
profiles entirely.  However, that requires more plumbing of sendmail
than I'm currently willing to invest.

We may want to add a "permit SMTP delivery" question to the install
process.
2003-09-28 05:21:23 +00:00
..
help Don't use UFS2 by default during the install process on PC98, as the 2003-04-21 20:57:20 +00:00
command.c debugMsg() should end with "\n". 2002-11-01 02:05:05 +00:00
config.c Tweak "system security profiles: 2003-09-28 05:21:23 +00:00
devices.c Add a device driver for the Broadcom BCM4401 ethernet controller, 2003-09-09 18:17:23 +00:00
disks.c Expand the fdisk size display toggling to include GB. 2003-08-19 17:51:49 +00:00
dispatch.c Remove the vestiges of the old pre-"X_AS_PKG" way we used to handled the 2003-08-19 23:23:27 +00:00
dmenu.c Fix 3 'cast to pointer from integer of different size' warnings. 2003-09-17 03:45:30 +00:00
globals.c DTRT in the restart case 2001-10-12 07:36:34 +00:00
install.c Add a new variable 'skipPCCARD'. This variable will cause sysinstall 2003-08-20 06:24:12 +00:00
keymap.c Initiate deorbit burn sequence for <machine/console.h>. 2000-10-08 21:34:00 +00:00
label.c Add __amd64__ ifdefs to enable the bootblock handling code, slices, etc. 2003-05-24 21:12:14 +00:00
list.h
main.c The PCMCIA Standard dictates that those funny cards you insert into 2003-08-20 06:27:21 +00:00
Makefile Remove the vestiges of the old pre-"X_AS_PKG" way we used to handled the 2003-08-19 23:23:27 +00:00
menus.c - Another update to list of FTP sites 2003-09-28 03:34:49 +00:00
misc.c save_realloc() should use reallocf() to close memory leaks. 2003-01-06 17:11:46 +00:00
msg.c Return the *right* error codes for yes/no questions when non-interactive. 2001-09-11 20:42:07 +00:00
rtermcap.c
sade.8 The "krb5" distribution was merged with "crypto", record the death. 2003-05-22 18:41:16 +00:00
sade.h Add a new variable 'skipPCCARD'. This variable will cause sysinstall 2003-08-20 06:24:12 +00:00
system.c * Negative #if's are harder to read as they don't tell exactly what arch 2002-10-11 22:30:09 +00:00
termcap.c Use the isDebug() function rather than making up a new environment 2001-09-22 18:07:47 +00:00
usb.c
variable.c Give users the ability to select an alternative MTA during the installation. 2003-07-12 15:33:09 +00:00
wizard.c Fix the wizardmodes 'write' command to not explode: Don't reference 2002-10-28 22:40:49 +00:00