EB wrote:
>
> Hi,
>
> Where do you actually get documentation on making
> configuration changes on the e-smith server?
The devinfo mailing list is your best source of the latest technical/internal information. This is also distilled into documents on
www.e-smith.org as time permits.
> In the 4.1.2
> release notes, point #2 says that public services can now be
> restricted to allow access only from the internal network.
> Where is the documentation that explains how to do that? I
> can't find it on the forums, or the manual. I went into the
> /home/e-smith/configuration file and added |access|private|
> to the httpd and mysqld lines, but when I scan my ports, port
> 80(http), 114(auth), 443(https) & 3306(mysql)
> they still show open.
Excellent research. Are you running in serveronly mode? If so, the ipchains rules are disabled. Serveronly mode is designed for use on a private, internal network, as discussed in the manual (
www.e-smith.org/docs/manual).
If you are running in server-gateway mode, your changes should work as long as you perform an event which rebuilds the configuration files, in this case "/sbin/e-smith/signal-event remoteaccess-update".
However, given that you can see the MySQL port, I would guess you are running in serveronly mode.
> I'm developing a php driven intranet
> page that I dont particularly want people to be able to
> access from the outside. Do I have to manually go alter the
> ipchains file or is there an easier way?
/etc/e-smith/events/actions/disable-external-services
Please note that this program makes changes to the configuration database which are not currently reversible through the e-smith-manager (such as setting httpd-e-smith "access" to "private").
Gordon
6 Replies
1474 Views