YASSP

To-Do list : Beta#15


Changes for the next minor version

  1. testing / correction / improvements, so that V1.0 can be released.
  2. Tarball install script:
  3. RPCBIND: By default, logging is to syslog MAIL.INFO, which is a little strange, so change it to AUTH.INFO in the Makefile before compiling.
  4. Syslog: Adam would like a copy of logs to kept locally *by default*. At the moment it has to be uncommented in /etc/syslog.conf, the default is to log to "loghost" if available. The list didn't voice opinions one way or the other on this. Personally I [sean] am worried that logs would grow because most people are tow lazy to set up pruning scripts, but I don't really mind..
  5. yassp.conf
  6. inetd.conf: use comments like "#SECclean#", rather than "#SEC                 #"
  7. fix-modes:
  8. PARCdaily
  9. Empty unneeded comments in root crontab.
  10. SSH
  11. /etc/hosts.allow bug:

    ALL: ALL : spawn ( /bin/logger -p auth.warn -t "tcpd" %s: connection attempt
    from %c") & /etc/banners : rfc931 : DENY
    In Solaris 8, it will problem because of the colon after %s. SSHD reads the
    colon as an option separation, instead of a string.

    This one may be a better sample:
    ALL: ALL : spawn ( /bin/logger -p auth.warn -t "tcpd" %s\: connection
    attempt from %c") & /etc/banners : rfc931 : DENY

    Nic Pang
  12. Patches: should we include Reg's Patch script in the tarball. I [sean] think it would be a good idea.
  13. nettune:
    - include new version from Jens (voeckler@rvs.uni-hannover.de). Called with "start", it will actually tweak variables, called w/o parameters, it will show contents.
    - Also: "I put in a new variable to be set in yassp.conf called YASSP_VERBOSE in order to list current contents before tweaking them. Please consider a more appropriate name for the YASSP_VERBOSE variable."
  14. All packages: make sure they can be installed without input, and also from Jumpstart (to /a).
    a) E.g. in install.sh
    if [ "${ROOT}" = "" ] ; then > ROOT="/" ; export ROOT; fi
    /usr/sbin/pkgadd -n -a ./admin -d ${PKGFI} -R ${ROOT} $i

    also every reference to the root file system needs to have ${ROOT} prepended to it.
    Hack: can also be installed by an /etc/rc?.d script without the need to install to /a.
    b) SECclean uses stdout, which produces the following when an automated install is produced:
    "pkgadd: ERROR: freopen(/dev/tty, "a", stdout) failed, errno=6"
    another suggestion (from Neil Brookins) is:
    at now <<EOF
    cd /etc/rc3.d; ./InstallMyPackage.sh
    EOF

Changes planned at a later stage / next major version

Changes not yet decided upon:


Home


**rcs id here**; Jean Chouanard (updated by Sean Boran, 08 août, 2002)

8.8.02: Tweaks to point 14 after feedback from Neil Brookins.