[geeks] Argh, solaris
Joshua D Boyd
jdboyd at cs.millersville.edu
Sun Apr 28 02:45:01 CDT 2002
On Sun, Apr 28, 2002 at 02:24:26AM -0500, Bill Bradford wrote:
>>I can't think of anything else to check, nor can I find anything on google,
>>other than some pages that say enable rpcbind, which many pages say to
>>disable as part of a good security plan.
>
> I used to get that error.. Basically its rpc and some stuff in inetd.conf,
> but I cant remember which.
I've included my inetd.conf file after the sig in case you or anyone else
want to give it a gander. I wonder if it is cause by the S73cachefs.daemon
init script. I disabled it and am rebooting now.
Nope, the errors are still there. This seems to be the major problem at the
moment. Well one of them. There are a few other really aggrevating ones.
installed the termcap and terminfo for rxvt, but it still isn't working
right, and also having tremendous trouble getting the PATH environment
variable to be set. When loggin in as root on console or myself on telnet,
it doesn't take the PATH that I want from either /etc/profile or
/etc/defaults/login (where the fixsolaris8 document says to put it), further
BASH doesn't properly source ~/.bashrc on login of accounts that are set
in /etc/passwd to use bash.
Nothing I experience here makes me feel that Solaris is superior to NetBSD.
But, some programs I want don't really support any UltraSparc platform
except Solaris.
>>Further, what script starts lpsched? This machine has no printer, and will
>>never be used to print, so running lpsched is pretty silly.
>
> /etc/rc2.d/S80lp?
Boy do I feel silly for missing that.
Wow 3:30. Long past time for bed here.
--
Joshua D. Boyd
#
#ident "@(#)inetd.conf 1.44 99/11/25 SMI" /* SVr4.0 1.5 */
#
#
# Configuration file for inetd(1M). See inetd.conf(4).
#
# To re-configure the running inetd process, edit this file, then
### send the inetd process a SIGHUP.
###
### Syntax for socket-based Internet services:
# <service_name> <socket_type> <proto> <flags> <user> <server_pathname> <args>
#
# Syntax for TLI-based Internet services:
#
# <service_name> tli <proto> <flags> <user> <server_pathname> <args>
#
# IPv6 and inetd.conf
# By specifying a <proto> value of tcp6 or udp6 for a service, inetd will
# pass the given daemon an AF_INET6 socket. The following daemons have
# been modified to be able to accept AF_INET6 sockets
#
# ftp telnet shell login exec tftp finger printer
#
# and service connection requests coming from either IPv4 or IPv6-based
# transports. Such modified services do not normally require separate
# configuration lines for tcp or udp. For documentation on how to do this
# for other services, see the Solaris System Administration Guide.
#
# You must verify that a service supports IPv6 before specifying <proto> as
# tcp6 or udp6. Also, all inetd built-in commands (time, echo, discard,
# daytime, chargen) require the specification of <proto> as tcp6 or udp6
#
# The remote shell server (shell) and the remote execution server
# (exec) must have an entry for both the "tcp" and "tcp6" <proto> values.
#
# Ftp and telnet are standard Internet services.
#
ftp stream tcp6 nowait root /usr/sbin/in.ftpd in.ftpd
telnet stream tcp6 nowait root /usr/sbin/in.telnetd in.telnetd
#
# Tnamed serves the obsolete IEN-116 name server protocol.
#
#name dgram udp wait root /usr/sbin/in.tnamed in.tnamed
#
# Shell, login, exec, comsat and talk are BSD protocols.
#
##shell stream tcp nowait root /usr/sbin/in.rshd in.rshd
##shell stream tcp6 nowait root /usr/sbin/in.rshd in.rshd
##login stream tcp6 nowait root /usr/sbin/in.rlogind in.rlogind
#exec stream tcp nowait root /usr/sbin/in.rexecd in.rexecd
exec stream tcp6 nowait root /usr/sbin/in.rexecd in.rexecd
#comsat dgram udp wait root /usr/sbin/in.comsat in.comsat
#talk dgram udp wait root /usr/sbin/in.talkd in.talkd
##
# Must run as root (to read /etc/shadow); "-n" turns off logging in utmp/wtmp.
#
#uucp stream tcp nowait root /usr/sbin/in.uucpd in.uucpd
#
# Tftp service is provided primarily for booting. Most sites run this
# only on machines acting as "boot servers."
#
#tftp dgram udp6 wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot
#
# Finger, systat and netstat give out user information which may be
# valuable to potential "system crackers." Many sites choose to disable
# some or all of these services to improve security.
#
finger stream tcp6 nowait nobody /usr/sbin/in.fingerd in.fingerd
#systat stream tcp nowait root /usr/bin/ps ps -ef
#netstat stream tcp nowait root /usr/bin/netstat netstat -f inet
#
# Time service is used for clock synchronization.
#
#time stream tcp6 nowait root internal
#time dgram udp6 wait root internal
#
# Echo, discard, daytime, and chargen are used primarily for testing.
#
#echo stream tcp6 nowait root internal
#echo dgram udp6 wait root internal
#discard stream tcp6 nowait root internal
#discard dgram udp6 wait root internal
#daytime stream tcp6 nowait root internal
#Daytime dgram udp6 wait root internal
#chargen stream tcp6 nowait root internal
#chargen dgram udp6 wait root internal
#
#
# RPC services syntax:
# <rpc_prog>/<vers> <endpoint-type> rpc/<proto> <flags> <user> \
# <pathname> <args>
#
# <endpoint-type> can be either "tli" or "stream" or "dgram".
# For "stream" and "dgram" assume that the endpoint is a socket descriptor.
# <proto> can be either a nettype or a netid or a "*". The value is
# first treated as a nettype. If it is not a valid nettype then it is
# treated as a netid. The "*" is a short-hand way of saying all the
# transports supported by this system, ie. it equates to the "visible"
# nettype. The syntax for <proto> is:
# *|<nettype|netid>|<nettype|netid>{[,<nettype|netid>]}
# For example:
# dummy/1 tli rpc/circuit_v,udp wait root /tmp/test_svc test_svc
#
# Solstice system and network administration class agent server
#100232/10 tli rpc/udp wait root /usr/sbin/sadmind sadmind
#
# Rquotad supports UFS disk quotas for NFS clients
#
#rquotad/1 tli rpc/datagram_v wait root /usr/lib/nfs/rquotad rquotad
#
# The rusers service gives out user information. Sites concerned
# with security may choose to disable it.
#
#rusersd/2-3 tli rpc/datagram_v,circuit_v wait root /usr/lib/netsvc/rusers/rpc.rusersd rpc.rusersd
#
# The spray server is used primarily for testing.
#
#sprayd/1 tli rpc/datagram_v wait root /usr/lib/netsvc/spray/rpc.sprayd rpc.sprayd
#
# The rwall server allows others to post messages to users on this machine.
#
#walld/1 tli rpc/datagram_v wait root /usr/lib/netsvc/rwall/rpc.rwalld rpc.rwalld
#
# Rstatd is used by programs such as perfmeter.
#
#rstatd/2-4 tli rpc/datagram_v wait root /usr/lib/netsvc/rstat/rpc.rstatd rpc.rstatd
#
# The rexd server provides only minimal authentication and is often not run
#
#rexd/1 tli rpc/tcp wait root /usr/sbin/rpc.rexd rpc.rexd
#
# rpc.cmsd is a data base daemon which manages calendar data backed
# by files in /var/spool/calendar
#
#
# Sun ToolTalk Database Server
#
#100083/1 tli rpc/tcp wait root /usr/dt/bin/rpc.ttdbserverd rpc.ttdbserverd
#
## UFS-aware service daemon
#
#ufsd/1 tli rpc/* wait root /usr/lib/fs/ufs/ufsd ufsd -p
#
# Sun KCMS Profile Server
#
#100221/1 tli rpc/tcp wait root /usr/openwin/bin/kcms_server kcms_server
#
# Sun Font Server
#
#fs stream tcp wait nobody /usr/openwin/lib/fs.auto fs
#
# CacheFS Daemon
#
##100235/1 tli rpc/tcp wait root /usr/lib/fs/cachefs/cachefsd cachefsd
#
# Kerberos V5 Warning Message Daemon
#
##100134/1 tli rpc/ticotsord wait root /usr/lib/krb5/ktkt_warnd ktkt_warnd
#
# Print Protocol Adaptor - BSD listener
#
#printer stream tcp6 nowait root /usr/lib/print/in.lpd in.lpd
#
# GSS Daemon
#
##100234/1 tli rpc/ticotsord wait root /usr/lib/gss/gssd gssd
#
# AMI Daemon
#
##100146/1 tli rpc/ticotsord wait root /usr/lib/security/amiserv amiserv
##100147/1 tli rpc/ticotsord wait root /usr/lib/security/amiserv amiserv
#
# OCF (Smart card) Daemon
#
#100150/1 tli rpc/ticotsord wait root /usr/sbin/ocfserv ocfserv
#dtspc stream tcp nowait root /usr/dt/bin/dtspcd /usr/dt/bin/dtspcd
#100068/2-5 dgram rpc/udp wait root /usr/dt/bin/rpc.cmsd rpc.cmsd
More information about the geeks
mailing list