On Feb 19,  9:18am, Fisher, Clinton wrote:

> If this was already replied to, please forgive me.  It appears that the
> config files are different on that release and now there is an extended
> inetd (xinetd) or something like it.  There are seperate packages you need
> to install to get things like telnet to work and I was very confused by it.
> 
> 
> If someone already replied, can you re-send the details.  Can someone go
> over it in a nutshell?

I don't remember if anyone replied or not, so I'll give a nutshell
answer...

First, /etc/inetd.conf is gone.  In its place is /etc/xinetd.conf.
If you look at this file in the Red Hat distribution, you'll notice
that there's not much in it.  All it does is set up some defaults
and cause the files in /etc/xinetd.d (this is a directory) to be
included.

If you look in /etc/xinetd.d, you'll see the following...

saguaro:kev$ ls /etc/xinetd.d
chargen      daytime-udp  finger         rexec   swat    tftp      wu-ftpd
chargen-udp  echo         linuxconf-web  rlogin  talk    time
daytime      echo-udp     ntalk          rsh     telnet  time-udp

These are the files included by /etc/xinetd.conf.

Now let's suppose you wish to enable the time service.  (I did this
recently so that I could use ``rdate'' from a machine upon which
``ntpdate'' was broken.)  If you look at /etc/xinetd.d/time, you'll
see that it looks like this:

--- /etc/xinetd.d/time ---
# default: off
# description: An RFC 868 time server. This is the tcp \
# version, which is used by rdate.

service time
{
	type		= INTERNAL
	id		= time-stream
	socket_type	= stream
	protocol	= tcp
	user		= root
	wait		= no
	disable		= yes
}
--- end /etc/xinetd.d/time ---

To turn on this service, merely change the disable line to say "no"
instead of "yes".

Now, let's suppose you wanted to disable the telnet service.  To do
this, you'd add a ``disable = yes'' line to /etc/xinetd.d/telnet.

After changing the configuration, you should send either SIGUSR1 or
SIGUSR2 to th xinetd process.  (See the man page for the differences
between these two signals.)  Alternately, you can do

    /sbin/service xinetd restart

BTW, I recently had the opportunity to install the Fisher release
(which is a Beta release for 7.1) and noticed that the installation
menus provide you with the means to set up a firewall.  So it looks
like it'll be possible to do future Red Hat installs which will be
much more secure from the get-go than the default installs that you
get today.

Kevin