Page MenuHomeFreeBSD
Differential D23996

[handbook] bsdinstall add the hardening section
ClosedPublic
Actions

Authored by carlavilla on Mar 7 2020, 8:26 PM.
Tags
None
Referenced Files
Unknown Object (File)
Feb 21 2024, 5:16 PM
Unknown Object (File)
Dec 20 2023, 7:30 AM
Unknown Object (File)
Nov 11 2023, 3:11 AM
Unknown Object (File)
Oct 10 2023, 2:12 AM
Unknown Object (File)
Sep 17 2023, 7:35 PM
Unknown Object (File)
Jul 27 2023, 7:24 PM
Unknown Object (File)
Jun 13 2023, 11:51 PM
Unknown Object (File)
Apr 26 2023, 9:15 PM
View All 12 Files
Subscribers
None

Details

Reviewers
bcr
Commits
rD53958: Add the hardening section to the handbook
Summary

Add the hardening section to the bsdinstall section of the handbook.
Update the final configuration section to reflect the new hardening section.
And correct bug in the services section.

Test Plan

Compile the handbook

Diff Detail

Repository
rD FreeBSD doc repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

carlavilla created this revision.Mar 7 2020, 8:26 PM
bcr added a comment.Mar 7 2020, 9:21 PM

Ah, it's high time that these settings get documented. Thanks for that.
I've added a few corrections and clarifications.

en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml
2341 ↗(On Diff #69298)

s/the/their/

2359 ↗(On Diff #69298)

s/users prevent/users to prevent/

2366 ↗(On Diff #69298)

s/groups prevent/groups to prevent/
s/user//

2373 ↗(On Diff #69298)

s/jails prevent/jails to prevent/

2379 ↗(On Diff #69298)

s/users prevent/users to prevent/

2386 ↗(On Diff #69298)

s/will disable/disables/

2403 ↗(On Diff #69298)

just write "Clean /tmp (with the markup) when the system starts up."
The markup makes it clear that this is a directory.

2411 ↗(On Diff #69298)

s/the flag//

2412 ↗(On Diff #69298)

That prevents the daemon from listening for...

2413 ↗(On Diff #69298)

s/514 port/port 514/

2416 ↗(On Diff #69298)

... which prevents syslog from opening any port.

2427 ↗(On Diff #69298)

When this option is enabled, the ...
s/promt/prompt/
s/ask about/requests/
s/in single/when entering single/

2436 ↗(On Diff #69298)

s/the flag//

carlavilla updated this revision to Diff 69300.Mar 7 2020, 10:06 PM
carlavilla marked 10 inline comments as done.

Fixed. Thanks for the corrections!

bcr accepted this revision.Mar 8 2020, 10:28 AM

You're welcome. Go ahead with the commit.

This revision is now accepted and ready to land.Mar 8 2020, 10:28 AM
Closed by commit rD53958: Add the hardening section to the handbook (authored by carlavilla). · Explain WhyMar 8 2020, 10:40 AM
This revision was automatically updated to reflect the committed changes.
carlavilla marked 3 inline comments as done.
carlavilla added a commit: rD53958: Add the hardening section to the handbook.

Revision Contents
Changeset List

PathSize
head/
en_US.ISO8859-1/
books/
handbook/
1 line
bsdinstall/
115 lines
share/
images/
books/
handbook/
bsdinstall/

Diff 69304

View Options

head/en_US.ISO8859-1/books/handbook/Makefile

Loading...
View Options

head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml

Loading...
View Options

head/share/images/books/handbook/bsdinstall/bsdinstall-finalconfiguration.png

Loading...
View Options

head/share/images/books/handbook/bsdinstall/bsdinstall-hardening.png

Loading...