[At the risk of letting this get lost in the shuffle of this
thread...]
Seth Vidal wrote:
> If there are pkgs which run daemons which are defaulting to ON when
> installed or on next reboot - then we should be auditing those pkgs.
> Last I checked we default to OFF and that should continue to be the
> case.
I happened to install func the other day on several Fedora and CentOS
boxes and was surprised that both services defaulted to on.
Trying this on clean Fedora 12 box I found that a combination of a
poor init script and the presence of redhat-lsb had prevented the
services from being configured as the packages intend them to be:
$ sudo yum install certmaster
...
$ sudo chkconfig --list certmaster
service certmaster supports chkconfig, but is not referenced in any runlevel (run 'chkconfig --add certmaster')
The problem is that %post checks first for the presence of
/usr/lib/lsb/install_initd, which redhat-lsb provides:
# for suse
if [ -x /usr/lib/lsb/install_initd ]; then
/usr/lib/lsb/install_initd /etc/init.d/funcd
# for red hat distros
elif [ -x /sbin/chkconfig ]; then
/sbin/chkconfig --add funcd
...
fi
Fortunately, neither funcd nor certmaster provide critical things
like, say, remote control of a system. ;)
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
We are free not because we claim freedom, but because we PRACTICE it.
-- William Faulkner
Attachment:
pgpIZVuJhuot1.pgp
Description: PGP signature
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
