Re: openpkg and debian

Thu, 22 Sep 2005 12:27:36 -0700 

On Thu, Sep 22, 2005, Ralf S. Engelschall wrote:
>On Thu, Sep 22, 2005, Doug Henry wrote:
>
>> I have setup a debian sarge box, and have bootstrapped openpkg in to the
>> system.  After installing apache, the openpkg init.d script starts apache as
>> the non-privileged user and I can see apache from localhost.  However, from
>> external connections I get a connection refused error, almost like there is a
>> firewall running.  I have not setup any "non-default" apps, and my test
>> machines are all on the same subnet.  Is there something extra I need to do 
>> to
>> hook openpkg in to my debian system, or am I fighting some default security
>> setting in debian?
>
>For security reasons all networking services provided by OpenPKG
>packages by default and intentionally listen on localhost/127.0.0.1
>only. You have to configure the program. In your case edit
><prefix>/etc/apache/apache.conf.

Many packages specify the 127.0.0.1 in the %config section of run control
file that controls startup (%{l_prefix}/etc/rc.d/rc.$packagename).

If you want to change values of variables in the %config section of a run
control file, don't edit the run control file, but add the appropriate
lines to %{l_prefix}/etc/rc.conf which, like FreeBSD, overrides the values
in the run control files.

You have to look at the run control files carefully as they don't all
handle binding to 127.0.0.1 the same way.  Some packages like rsync, will
bind to everything by setting ``rsync_bind=""'' while others may require
setting a variable to ``0.0.0.0'' or some other appropriate IP address.

Bill
--
INTERNET:   [EMAIL PROTECTED]  Bill Campbell; Celestial Software LLC
UUCP:               camco!bill  PO Box 820; 6641 E. Mercer Way
FAX:            (206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676
URL: http://www.celestial.com/

Government is actually the worst failure of civilized man. There has
never been a really good one, and even those that are most tolerable
are arbitrary, cruel, grasping and unintelligent.
        -- H. L. Mencken
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
User Communication List                      openpkg-users@openpkg.org

Reply via email to