Am 20.10.2015 um 18:45 schrieb Diego Gomes:
Thanks Reindl, It seems a little complicated, right? Does anyone applying it to secure the own OpenVAS?
there is nothing complicated in clone and edit a systemd-unit and it should be a regular and well known task for anybody maintaining a server
To: [email protected] From: [email protected] Date: Tue, 20 Oct 2015 14:35:23 +0200 Subject: Re: [Openvas-discuss] Vulnerabilities OpenVAS Am 20.10.2015 um 14:30 schrieb Diego Gomes:Thanks Chris, So, I need to: vi /usr/lib/systemd/system/openvas-scanner.servicenever ever touch /usr/lib/systemd/system/ whatever you touch would be overwritten with the next update and so you throw away one of the biggest improvements compard to sysvinit * disable services you want to edit * copy the systemd-unit to /etc/systemd/system/ * edit the copy there * enable the service again * systemctl daemon reload * systemctl restart servicenameinsert "--gnutls-priorities="SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0"" this line at the end of the file?for sure not at the end of the systemd-unit what should systemd do with that line? it's a param for the ExecStart process if there is not a config fileThe same for /usr/lib/systemd/system/openvas-manager.servicesame as above - don't touch /usr/lib/systemd
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
