On Feb 19, 9:18am, Fisher, Clinton wrote:
> If this was already replied to, please forgive me. It appears that the
> config files are different on that release and now there is an extended
> inetd (xinetd) or something like it. There are seperate packages you need
> to install to get things like telnet to work and I was very confused by it.
>
>
> If someone already replied, can you re-send the details. Can someone go
> over it in a nutshell?
I don't remember if anyone replied or not, so I'll give a nutshell
answer...
First, /etc/inetd.conf is gone. In its place is /etc/xinetd.conf.
If you look at this file in the Red Hat distribution, you'll notice
that there's not much in it. All it does is set up some defaults
and cause the files in /etc/xinetd.d (this is a directory) to be
included.
If you look in /etc/xinetd.d, you'll see the following...
saguaro:kev$ ls /etc/xinetd.d
chargen daytime-udp finger rexec swat tftp wu-ftpd
chargen-udp echo linuxconf-web rlogin talk time
daytime echo-udp ntalk rsh telnet time-udp
These are the files included by /etc/xinetd.conf.
Now let's suppose you wish to enable the time service. (I did this
recently so that I could use ``rdate'' from a machine upon which
``ntpdate'' was broken.) If you look at /etc/xinetd.d/time, you'll
see that it looks like this:
--- /etc/xinetd.d/time ---
# default: off
# description: An RFC 868 time server. This is the tcp \
# version, which is used by rdate.
service time
{
type = INTERNAL
id = time-stream
socket_type = stream
protocol = tcp
user = root
wait = no
disable = yes
}
--- end /etc/xinetd.d/time ---
To turn on this service, merely change the disable line to say "no"
instead of "yes".
Now, let's suppose you wanted to disable the telnet service. To do
this, you'd add a ``disable = yes'' line to /etc/xinetd.d/telnet.
After changing the configuration, you should send either SIGUSR1 or
SIGUSR2 to th xinetd process. (See the man page for the differences
between these two signals.) Alternately, you can do
/sbin/service xinetd restart
BTW, I recently had the opportunity to install the Fisher release
(which is a Beta release for 7.1) and noticed that the installation
menus provide you with the means to set up a firewall. So it looks
like it'll be possible to do future Red Hat installs which will be
much more secure from the get-go than the default installs that you
get today.
Kevin