git: fe06db1817e0 - main - bsdinstall: remove sendmail hardening option
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 01 Jun 2023 21:00:52 UTC
The branch main has been updated by bapt:
URL: https://cgit.FreeBSD.org/src/commit/?id=fe06db1817e0af6cbfa963598e249810773c115c
commit fe06db1817e0af6cbfa963598e249810773c115c
Author: Baptiste Daroussin <bapt@FreeBSD.org>
AuthorDate: 2023-06-01 20:37:06 +0000
Commit: Baptiste Daroussin <bapt@FreeBSD.org>
CommitDate: 2023-06-01 21:00:22 +0000
bsdinstall: remove sendmail hardening option
sendmail is fully disabled in 14.0 by default
Reviewed by: imp, emaste
Differential Revision: https://reviews.freebsd.org/D40367
---
usr.sbin/bsdinstall/scripts/hardening | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/usr.sbin/bsdinstall/scripts/hardening b/usr.sbin/bsdinstall/scripts/hardening
index 4ee738fe0166..13d56f4efc0d 100755
--- a/usr.sbin/bsdinstall/scripts/hardening
+++ b/usr.sbin/bsdinstall/scripts/hardening
@@ -48,9 +48,8 @@ FEATURES=$( bsddialog --backtitle "$OSNAME Installer" \
"5 random_pid" "Randomize the PID of newly created processes" ${random_pid:-off} \
"6 clear_tmp" "Clean the /tmp filesystem on system startup" ${clear_tmp:-off} \
"7 disable_syslogd" "Disable opening Syslogd network socket (disables remote logging)" ${disable_syslogd:-off} \
- "8 disable_sendmail" "Disable Sendmail service" ${disable_sendmail:-off} \
- "9 secure_console" "Enable console password prompt" ${secure_console:-off} \
- "10 disable_ddtrace" "Disallow DTrace destructive-mode" ${disable_ddtrace:-off} \
+ "8 secure_console" "Enable console password prompt" ${secure_console:-off} \
+ "9 disable_ddtrace" "Disallow DTrace destructive-mode" ${disable_ddtrace:-off} \
2>&1 1>&3 )
retval=$?
exec 3>&-
@@ -85,9 +84,6 @@ for feature in $FEATURES; do
disable_syslogd)
echo 'syslogd_flags="-ss"' >> $BSDINSTALL_TMPETC/rc.conf.hardening
;;
- disable_sendmail)
- echo 'sendmail_enable="NONE"' >> $BSDINSTALL_TMPETC/rc.conf.hardening
- ;;
secure_console)
sed "s/unknown off secure/unknown off insecure/g" $BSDINSTALL_CHROOT/etc/ttys > $BSDINSTALL_TMPETC/ttys.hardening
;;