Subject: Re: install floppy twists
To: None <>
From: None <>
List: tech-install
Date: 07/24/2000 23:15:19
>> 2. system boots up into multiuser mode, without root password configured
>> 	is it okay to do this?
>This should be fixed.
>Then again, it's not as big a hole as it seems at first:
> - inbound telnet/ftp are turned off by default, and even if they get
>turned back on,
> - tty[pq...]? are not marked "secure", so root can't telnet in.
> - root is listed in /etc/ftpusers as "deny".
>so the only way root can get in is on the console, and in the vast
>majority of installations, giving someone console access also gives
>them the ability to boot the machine in single-user mode, bypassing
>the password check.

	yes, i noticed.
	the best way (i believe) to solve this would be to add root-password
	setup menu into sysinst.

>> 4. if we use DHCP, /etc/ifconfig.IF will have the address we have
>>    obtained via DHCP.  this seems incorrect.
>IMHO, if you got the address via dhcp, sysinst should set up rc.conf,
>etc., to enable dhcp on that interface if the user answers "yes" to
>the keep-using-this-network-config question..

	that is my impression too.  adding dhclient=YES would be the best way.

	things gets unclear if we retry network configuration however - we can
	tweak values we got from dhcp server via onscreen editing session,
	for example.  sysinst/net.c needs some more cleanup.