On Sat, Sep 28, 2002 at 09:35:22PM -0400, Susan Buczak wrote:
how does one go about initiating the personal-firewall the first time for suse8.0? Yast2 will start configuration for suseFirewall2 but there isn't any source help for initiating the personal firewall. calling it from /sbin does nothing.
From /etc/sysconfig/SuSEfirewall2:
"# Should the Firewall be started? # # This setting is done via the links in the /etc/init.d/rc?.d runlevel # directories, which can be tweaked with a runlevel editor (or manually)" otto@fubar:~> locate fire | grep init.d /etc/init.d/personal-firewall.final /etc/init.d/personal-firewall.initial /etc/init.d/rc2.d/K02personal-firewall.final /etc/init.d/rc2.d/K23personal-firewall.initial /etc/init.d/rc2.d/S01personal-firewall.initial /etc/init.d/rc2.d/S22personal-firewall.final /etc/init.d/rc3.d/K02personal-firewall.final /etc/init.d/rc3.d/K23personal-firewall.initial /etc/init.d/rc3.d/S01personal-firewall.initial /etc/init.d/rc3.d/S22personal-firewall.final /etc/init.d/rc5.d/K02personal-firewall.final /etc/init.d/rc5.d/K23personal-firewall.initial /etc/init.d/rc5.d/S01personal-firewall.initial /etc/init.d/rc5.d/S22personal-firewall.final /etc/init.d/SuSEfirewall2_final /etc/init.d/SuSEfirewall2_init /etc/init.d/SuSEfirewall2_setup Looks like you should take a lookt at /etc/init.d/SuSEfirewall2_init, /etc/init.d/SuSEfirewall2_setup and possibly /etc/init.d/SuSEfirewall2_final.
Second, I need to configure certain /etc files, for instance I want only certain local users in access.conf. When I make the changes the system doesn't recognize that the files have been changed.
Strange, it works for me, I can just uncomment the following line and only peeps in group wheel can login on the console: -:ALL EXCEPT wheel shutdown sync:console Does this work for you? Do you see anything in your log files?
Likewise I tried setting su to group wheel for admin only and chmod to 4750 so only wheel can use it, and on reboot it allows everyone to attempt login again, it reset itself.
There are 2 (and probably more ways) how to achieve only wheel from being able to use su. You already tried the first the second is to add the following line to /etc/pam.d/su: auth required /lib/security/pam_wheel.so group=wheel Does this work for you? Maybe someone more familliar with Suse could explain why chgrp-ing /bin/su to wheel, and then chmod-ing it 4750 does not work for you.. On a side note: sudo enables you a much finer control over who is able to do what on your systems. Next to finer control it also features a better logging system. Best regards, -- Otto