AW: [suse-security] Loading firewall script on boot time
Why is my fwscript not loaded at boot time? When i do these steps manually, it will work. You should put your script into /etc/rc.d. Then you have to create a symbolic link in /etc/rc.d/rcX.d which points to your script. X is the number of your default runlevel. If you don't know your default runlevel, you can have a look at /etc/inittab. There it is defined. The name of the link should begin with S and a high number, e.g. S99, because it should be the last script to be executed. But take care if you install any additional packets afterwards. The system will compute the sequence of the startup scripts again, and your script will then start with S00. This is because some info in your script is missing which tells the system, namely
Hi, Knut Erik, the program insserv, which other scripts/services/daemons have to be started before. I haven't gone very deep into this subject yet. If the SuSE guys have additional info, I appreciate it. Bye Uli -- Ulrich Roth IMPACT Business & Technology Consulting GmbH Im Mediapark 8 / KölnTurm D-50670 Koeln Phone +49-221-93 70 80-29 Fax +49-221-93 70 80-15 E-Mail: roth@impact.de
Hi, Isn't this what the yast runlevel editor does for you?? Andy On Wednesday 30 July 2003 11:14, Ulrich Roth wrote:
Hi, Knut Erik,
Why is my fwscript not loaded at boot time? When i do these steps manually, it will work.
You should put your script into /etc/rc.d. Then you have to create a symbolic link in /etc/rc.d/rcX.d which points to your script. X is the number of your default runlevel. If you don't know your default runlevel, you can have a look at /etc/inittab. There it is defined. The name of the link should begin with S and a high number, e.g. S99, because it should be the last script to be executed. But take care if you install any additional packets afterwards. The system will compute the sequence of the startup scripts again, and your script will then start with S00. This is because some info in your script is missing which tells the system, namely the program insserv, which other scripts/services/daemons have to be started before. I haven't gone very deep into this subject yet. If the SuSE guys have additional info, I appreciate it. Bye Uli
Andy Bennett wrote:
Hi,
Isn't this what the yast runlevel editor does for you??
Linux makes people lazy :) Linux boot system is like classical System V, which consist of directrories rc1.d, rc2.d ... (run levels) where you have scripts which begins with "Snn" (statrup script) and "Knn" (kill script) In case of firewall i think the good way to start it after the network is up /etc/init.d/rc3.d/S05network start P.S. I did not mean to offend anybody in any way :)
Andy
On Wednesday 30 July 2003 11:14, Ulrich Roth wrote:
Hi, Knut Erik,
Why is my fwscript not loaded at boot time? When i do these steps manually, it will work.
You should put your script into /etc/rc.d. Then you have to create a symbolic link in /etc/rc.d/rcX.d which points to your script. X is the number of your default runlevel. If you don't know your default runlevel, you can have a look at /etc/inittab. There it is defined. The name of the link should begin with S and a high number, e.g. S99, because it should be the last script to be executed. But take care if you install any additional packets afterwards. The system will compute the sequence of the startup scripts again, and your script will then start with S00. This is because some info in your script is missing which tells the system, namely the program insserv, which other scripts/services/daemons have to be started before. I haven't gone very deep into this subject yet. If the SuSE guys have additional info, I appreciate it. Bye Uli
-- Best regards, Maxim Cherniavsky MTU-Intel, Internet Department mailto:maxim@mtu.ru
Hi, No problem... Regarding the point in question, though, can I just enquire why Knut is 'cooking his own' script rather than using the SuSEfirewall and custom-script route. It's pretty flexible and you don't need to worry about how to start/stop them. Andy On Wednesday 30 July 2003 13:17, Maxim Cherniavsky wrote:
Andy Bennett wrote:
Hi,
Isn't this what the yast runlevel editor does for you??
Linux makes people lazy :)
Linux boot system is like classical System V, which consist of directrories rc1.d, rc2.d ... (run levels) where you have scripts which begins with "Snn" (statrup script) and "Knn" (kill script) In case of firewall i think the good way to start it after the network is up /etc/init.d/rc3.d/S05network start
P.S. I did not mean to offend anybody in any way :)
Andy
On Wednesday 30 July 2003 11:14, Ulrich Roth wrote:
Hi, Knut Erik,
Why is my fwscript not loaded at boot time? When i do these steps manually, it will work.
You should put your script into /etc/rc.d. Then you have to create a symbolic link in /etc/rc.d/rcX.d which points to your script. X is the number of your default runlevel. If you don't know your default runlevel, you can have a look at /etc/inittab. There it is defined. The name of the link should begin with S and a high number, e.g. S99, because it should be the last script to be executed. But take care if you install any additional packets afterwards. The system will compute the sequence of the startup scripts again, and your script will then start with S00. This is because some info in your script is missing which tells the system, namely the program insserv, which other scripts/services/daemons have to be started before. I haven't gone very deep into this subject yet. If the SuSE guys have additional info, I appreciate it. Bye Uli
Ulrith, The key thing when you create a startup script is that you must include some comments in a special format between lines ### BEGIN INIT INFO ### END INIT INFO After putting fwscript in /etc/init.d you should type # chkconfig fwscript on to get the run-level links magically created. If you don't do it this way then SuSEconfig will change any links you create. This is not all that well documented, but have a look at /etc/init.d/skeleton man init.d man chkconfig Bob On Wed, 30 Jul 2003, Ulrich Roth wrote:
Hi, Knut Erik,
Why is my fwscript not loaded at boot time? When i do these steps manually, it will work. You should put your script into /etc/rc.d. Then you have to create a symbolic link in /etc/rc.d/rcX.d which points to your script. X is the number of your default runlevel. If you don't know your default runlevel, you can have a look at /etc/inittab. There it is defined. The name of the link should begin with S and a high number, e.g. S99, because it should be the last script to be executed. But take care if you install any additional packets afterwards. The system will compute the sequence of the startup scripts again, and your script will then start with S00. This is because some info in your script is missing which tells the system, namely the program insserv, which other scripts/services/daemons have to be started before. I haven't gone very deep into this subject yet. If the SuSE guys have additional info, I appreciate it. Bye Uli
============================================================== Bob Vickers R.Vickers@cs.rhul.ac.uk Dept of Computer Science, Royal Holloway, University of London WWW: http://www.cs.rhul.ac.uk/home/bobv Phone: +44 1784 443691
participants (4)
-
Andy Bennett
-
Bob Vickers
-
Maxim Cherniavsky
-
Ulrich Roth