Help required in disabling commands.
I want to disable following commands in my linux distribution (Thanks to Linux hardening guide)
Code:
# which rcp Code:
# rpm -qf `which rcp` Code:
# rpm -qlp krb5-workstation-1.6.1-31.el5_3.3.i386.rpm What else can be done to disable these command? |
That's odd, not to mention annoying ... Anyway,
1. you can set the the ownerships are root:root and remove ALL perms. 2. Another option is to just manually delete just those binaries; should work I believe. 3. rename them (you should try this before trying option 2; just in case you have to put them back ...) |
Quote:
As it shows rcp ,rlogin ,rsh are also part of below rpm. Confused what to do? I would be glad to know why two rpms listing the commands. The only difference is the first one listed the commands under /usr/kerberos and later in /user/bin Code:
# rpm -ql rsh-0.17-38.el5 |
Removing rpm or yum would be a disaster. The next thing (unless you really know what you are doing) would be a reinstall.
Try to rename the binaries else if you have a gui to enable/disable services you can get it done from there. Else put a custom script in rc.local that would say 'service rcp stop'. Havent used RH or its derivatives - man they are tough to handle. Hope this helps. |
Quote:
|
The point is, you've got 2 rpms that contain (2 separate copies of) those program files (& in the case of kerberos, more stuff as well).
0. Take a good backup! (preferably 2) 1. do you really need the kerberos installation? if not you should be able to yum remove it 2. the other one is the std rsh etc rpm and you should be able to yum remove it (I believe) Stick to yum cmds in order to handle dependencies if any. If this is a prod system, try any changes on a backup system first. https://access.redhat.com/kb/docs/DOC-2531 |
Quote:
As you can see its points to rsh in kerberos and not the /usr/bin/rsh installed in previous package. If i remove kerberos will it point /usr/bin/rsh or i need to manually link it. What command to issue for removing kerberos using yum. Code:
# yum remove kerberos Code:
# which rsh Code:
yum remove krb* |
Consider
Code:
rpm -qa|grep krb See the cmds in that link I gave. Only you know if you're using kerberos or not, or ask if this is a work system. As I said, if you're worried, just disable them as per my suggestions above; even just moving them to another dir not in anyone's $PATH would do, so long as they can't see it. Try that for a while and see if it matters. If not, you would prob 'yum remove krb5-workstation' to get rid. Code:
ll /usr/bin/rcp Code:
yum provides /usr/kerberos/bin/rcp HTH :) |
sorry I have not understood your problem correctly.
1) Why dont' you remove the commands alone or rename it from its locations(rm or mv accordinlgy). 2) Once that is done you can create a boot image from that to install to multiple other systems if you want. --Rameez |
All times are GMT -5. The time now is 01:46 AM. |