LinuxQuestions.org


pinga123 10-11-2010 12:27 AM

How to remove services from nsswitch file?
 
According to the security manual, only DNS, files, or LDAP should be allowed in the nsswitch file; however, it seems like I have many other services configured in the nsswitch file.

Below are the contents of the nsswitch file.
What services can be removed, considering system stability?

Code:

passwd:     files
shadow:     files
group:      files
hosts:      files dns
bootparams: nisplus [NOTFOUND=return] files
ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files
netgroup:   nisplus
publickey:  nisplus
automount:  files nisplus
aliases:    files nisplus


Tinkster 10-11-2010 12:34 AM

Please elaborate (using the file you posted) which bits you consider
to be the services? I'd also like to hear from you whether your
organisation makes actual use of nis(plus) ...


Cheers,
Tink

pinga123 10-11-2010 12:40 AM

We are using DNS servers and not NIS. I also wanted to add here that I don't have any working knowledge of what this file signifies; I just want to follow the security manual statement, which is as below.


"The name services configuration file nsswitch.conf must be configured to only support DNS, files, or LDAP. All other service types must be removed from the nsswitch.conf file. "

Tinkster 10-11-2010 12:56 AM

May I recommend a thorough read of 'man 5 nsswitch.conf'?

Determine from there in how far the "security recommendation" is
feasible, and can be adhered to in your environment w/o breaking it.


Cheers,
Tink

pinga123 10-11-2010 01:28 AM

We are using a DNS server instead of NIS. Should we follow what the following link says?

http://www.faqs.org/docs/securing/chap6sec71.html

Tinkster 10-11-2010 01:32 AM

Quote:

Originally Posted by pinga123 (Post 4123563)
We are using a DNS server instead of NIS. Should we follow what the following link says?

http://www.faqs.org/docs/securing/chap6sec71.html

Did you read the man-page? There are potential pitfalls in
changes to the file if you're not cautious about the version
of libc your system uses.

While the advice given in the link is sound, it's not sufficient
to base a decision on.


Cheers,
Tink
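
An added example, not part of the original thread: a Python check that parses nsswitch.conf text and reports, per database, every source outside the set the quoted security manual statement allows (files, dns, ldap), plus the databases that would be left with no source at all if those entries were simply deleted. The function names `parse`, `audit` and `left_empty` are assumptions made for this sketch, and the sample input is constructed from the entries posted at the top of the thread.

```python
import re

ALLOWED = {"files", "dns", "ldap"}   # sources the quoted policy permits
ACTION = re.compile(r"\[[^\]]*\]")   # e.g. [NOTFOUND=return]: an action, not a source

# Constructed sample: the entries posted at the top of this thread.
SAMPLE = """\
passwd:     files
shadow:     files
group:      files
hosts:      files dns
bootparams: nisplus [NOTFOUND=return] files
ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files
netgroup:   nisplus
publickey:  nisplus
automount:  files nisplus
aliases:    files nisplus
"""

def parse(text):
    """Return {database: [sources]} from nsswitch.conf text."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        if ":" in line:
            db, rest = line.split(":", 1)
            table[db.strip()] = ACTION.sub(" ", rest).split()
    return table

def audit(text, allowed=ALLOWED):
    """Return {database: [sources outside the allowed set]}."""
    hits = {db: [s for s in src if s not in allowed]
            for db, src in parse(text).items()}
    return {db: bad for db, bad in hits.items() if bad}

def left_empty(text, allowed=ALLOWED):
    """Databases with no allowed source, i.e. empty once the rest is deleted."""
    return sorted(db for db, src in parse(text).items()
                  if not any(s in allowed for s in src))

if __name__ == "__main__":
    for db, bad in audit(SAMPLE).items():
        print(f"{db}: not allowed -> {' '.join(bad)}")
    print("no allowed source left:", ", ".join(left_empty(SAMPLE)))
```

To check a live system, pass the contents of /etc/nsswitch.conf to `audit` and `left_empty` instead of `SAMPLE`.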


All times are GMT -5.