We're working on securing the AIX environment. started with disabling unused services on AIX.
Below are the entries which are not commented on my test LPAR (even other LPARs).
I believe ntalk is used for conversation purpose (between users), can disable that. I'm going to disable caa_cfg, since we are not using any cluster software.
I would like to leave "xmquery" as it is, since its not going to impact security. Please correct me if am wrong ?
I've a question about below entries
daytime
time
will it affect my server functionality in anyway If I disable these services ?
Hi there
I'm trying to set up swat on my linux box at home and when i read the man pages on it it says that i have to edit a file called inetd.conf but i did a search like
find / -name inetd.conf
but it only comes up with this.
/etc/linuxconf/archive/Home-Office/etc/inetd.conf
find:... (2 Replies)
Hi!!,
I have been working on a HP UX box all these days.. For adding a user defined service, I used to put an entry for this service corresponing to a port number in /etc/services. These services were then defined in inetd.conf.
Now I have moved to Mandrake linux. I can find a file named... (2 Replies)
I need to put the following line in inetd.conf:
stats stream tcp nowait nobody /usr/local/bin/mrtgsysinfo mrtgsysinfo
but my version of linux don't seem to allow that, ie there is no inetd.conf. How do i set that up in linux (red hat enterprise 3). (15 Replies)
I'm trying to edit the inetd.conf but for some reason when I vi into it, it says "Read Only" even though I am root and the perms are 777?!? (2 Replies)
Anyone have a perl script that can be run via a web browser to turn ftp or telnet on and off in etc/inetd.conf ? Believe it or not but I ride a motorcycle a lot in the summer and carry a laptop in my saddlebags to connect from almost anywhere via Verizon alongside the highway. However, have too... (0 Replies)
Hi, I tried to do some research on this subject, but got nothing conclusive.
I have the following need:
I have different servers with AIX versions 3.2.5 through 4.3.2.
Some of them have two ASCI terminals connected.
I have a shell script that is executed by a user on the main console... (2 Replies)
Hello everyone,
Can anyone help me please. I want to disable SSH direct access for an AIX user.
For example, if I have USER1 and USER2. I want to disactivate direct access for USER2. The user must enter his login (USER1) and his password and then he can do su - USER2 .
Thanks, (3 Replies)
Hi,
I am planning to disable SNMP in our AIX LPARs. wanted to see by disabling in a test LPAR.
before that, I would like to check disabling this SNMP will impact any of our application or database in anyway. what kind of other software depends on these SNMP daemons ?
Can you please let me... (9 Replies)
Hi,
We've a requirement to disable the protocols SSLv3, SSL v2 and TLS 1.0.
And have TLS 1.2 enabled using AEAD (Authentication Encryption with Associated Data).
This is the only information i have,
I'm not sure how to proceed, was trying to find information using google.
Can you... (6 Replies)
Hello all,
Newbie here.
I'm currently tasked with updating rsyslog.conf and auditd.conf on a large set of servers. I know the exact logging configurations that I want to enable. I have updated both files on on a server and hope to use the updated files as a template for the rest of the... (3 Replies)
Discussion started by: Mide
3 Replies
LEARN ABOUT REDHAT
perlos400
PERLOS400(1) Perl Programmers Reference Guide PERLOS400(1)NAME
README.os400 - Perl version 5 on OS/400
DESCRIPTION
This document describes various features of IBM's OS/400 operating system that will affect how Perl version 5 (hereafter just Perl) is com-
piled and/or runs.
By far the easiest way to build Perl for OS/400 is to use the PASE (Portable Application Solutions Environment), for more information see
http://www.iseries.ibm.com/developer/factory/pase/index.html This environment allows one to use AIX APIs while programming, and it provides
a runtime that allows AIX binaries to execute directly on the PowerPC iSeries.
Compiling Perl for OS/400 PASE
The recommended way to build Perl for the OS/400 PASE is to build the Perl 5 source code (release 5.8.1 or later) under AIX.
The trick is to give a special parameter to the Configure shell script when running it on AIX:
sh Configure -DPASE ...
The default installation directory of Perl under PASE is /QOpenSys/perl. This can be modified if needed with Configure parameter -Dpre-
fix=/some/dir.
Starting from OS/400 V5R2 the IBM Visual Age compiler is supported on OS/400 PASE, so it is possible to build Perl natively on OS/400. The
easier way, however, is to compile in AIX, as just described.
If building natively on PASE, please do the build under the /QOpenSys directory, since Perl is happier when built on a case sensitive
filesystem.
Installing Perl in OS/400 PASE
If you are compiling on AIX, simply do a "make install" on the AIX box. Once the install finishes, tar up the /QOpenSys/perl directory.
Transfer the tarball to the OS/400 using FTP with the following commands:
> binary
> site namefmt 1
> put perl.tar /QOpenSys
Once you have it on, simply bring up a PASE shell and extract the tarball.
If you are compiling in PASE, then "make install" is the only thing you will need to do.
The default path for perl binary is /QOpenSys/perl/bin/perl. You'll want to symlink /QOpenSys/usr/bin/perl to this file so you don't have
to modify your path.
Using Perl in OS/400 PASE
Perl in PASE may be used in the same manner as you would use Perl on AIX.
Scripts starting with #!/usr/bin/perl should work if you have /QOpenSys/usr/bin/perl symlinked to your perl binary. This will not work if
you've done a setuid/setgid or have environment variable PASE_EXEC_QOPENSYS="N". If you have V5R1, you'll need to get the latest PTFs to
have this feature. Scripts starting with #!/QOpenSys/perl/bin/perl should always work.
Known Problems
When compiling in PASE, there is no "oslevel" command. Therefore, you may want to create a script called "oslevel" that echoes the level
of AIX that your version of PASE runtime supports. If you're unsure, consult your documentation or use "4.3.3.0".
If you have test cases that fail, check for the existence of spool files. The test case may be trying to use a syscall that is not imple-
mented in PASE. To avoid the SIGILL, try setting the PASE_SYSCALL_NOSIGILL environment variable or have a handler for the SIGILL. If you
can compile programs for PASE, run the config script and edit config.sh when it gives you the option. If you want to remove fchdir(),
which isn't implement in V5R1, simply change the line that says:
d_fchdir='define'
to
d_fchdir='undef'
and then compile Perl. The places where fchdir() is used have alternatives for systems that do not have fchdir() available.
Perl on ILE
There exists a port of Perl to the ILE environment. This port, however, is based quite an old release of Perl, Perl 5.00502 (August 1998).
(As of July 2002 the latest release of Perl is 5.8.0, and even 5.6.1 has been out since April 2001.) If you need to run Perl on ILE,
though, you may need this older port: http://www.cpan.org/ports/#os400 Note that any Perl release later than 5.00502 has not been ported to
ILE.
If you need to use Perl in the ILE environment, you may want to consider using Qp2RunPase() to call the PASE version of Perl.
AUTHORS
Jarkko Hietaniemi <jhi@iki.fi> Bryan Logan <bryanlog@us.ibm.com> David Larson <larson1@us.ibm.com>
perl v5.8.0 2003-02-18 PERLOS400(1)