John,
Bastille is a program distributed by www.bastille-linux.org to tighten the
security of Linux. It is now also distributed on the RedHat 7.1 CD's and is
one of the three recommended methods of tightening up a system that sits
outside the firewall on the Internet. If I get a chance, I'll try it again
on another less critical path and let everyone know what the real problem
was. Right now, I need to get this working first as we have exceeded our
ability to use our old system.
markh
-----Original Message-----
From: John R. Jackson [mailto:[EMAIL PROTECTED]]
Sent: Saturday, September 01, 2001 7:18 AM
To: Mark Holm
Cc: '[EMAIL PROTECTED]'
Subject: Re: Can't start amandad from xinetd on RedHat 7.1
>It did end up being something that Bastille did ...
FYI, I don't know what "Bastille" is (not sure I want to), but just get
the general idea from your comments.
>... we finally determined that it had closed down anything that used UDP
>and dgrams.
Sheesh! That's kind of excessive. :-)
More than just Amanda use UDP. For instance, NFS and DNS. Are you sure
it was UDP and not some other attribute?
>... 1) I told it not to take strong measures against the BSD r-tools ...
They don't use UDP.
>... 2) Don't add the TMP-DIR scripts ...
Don't know what that means.
I'd be asking the Bastille folks what's up with this. If you find out
anything else, please post it here. I'm sure we haven't heard the last
of this.
>One of the
>two of these fixed the problem, but I am not sure which. Given that it
takes
>a couple of hours to rebuild (an that it is working now) I am not sure I
>want to find out right now.
Understood :-).
> markh
John R. Jackson, Technical Software Specialist, [EMAIL PROTECTED]
