# $Id: system.sed,v 3.15 2000/11/12 00:49:25 chouanar Exp $ # # Author: Jean Chouanard # # ******************************************************************************************* # # Copyright (c) 2000 Xerox Corporation. All rights reserved. # # Redistribution and use in source and binary forms, with or without modification, # are permitted provided that the following conditions are met: # # Redistributions of source code must retain the above copyright notice, # this list of conditions and the following disclaimer. # # Redistributions in binary form must reproduce the above copyright notice, # this list of conditions and the following disclaimer in the documentation # and/or other materials provided with the distribution. # # Neither name of the Xerox, PARC, nor the names of its contributors may be # used to endorse or promote products derived from this software without # specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE XEROX CORPORATION OR CONTRIBUTORS BE # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; # LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING # NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # # ******************************************************************************************* # # # ############################################### # sed script to update /etc/system # !install $a\ * SECCLEAN modification\ * Increase File descriptor limits: 1024 default, 2048 max\ set rlim_fd_max=1024\ set rlim_fd_cur=256\ \ * Increase SVR4 style ptys\ set pt_cnt=128\ * Attempt to prevent and log stack-smashing attacks\ set noexec_user_stack=1\ set noexec_user_stack_log=1\ * enable advanced memory paging technique\ set priority_paging=1\ set tcp:tcp_conn_hash_size=16384\ * Suggested by Robert Montjoy \ * If the NFS_PORTMON variable is set, then clients are required to use\ * privileged ports (ports < IPPORT_RESERVED )in order to get NFS services. \ set nfssrv:nfs_portmon=1\ * Should set max users processes in here too\ set maxuprc=150\ * added to limit core files size\ set sys:coredumpsize = 0\ * END of SECCLEAN modification # !remove /\* SECCLEAN modification/,/\* END of SECCLEAN modification/d # ************************************************************ # $Log: system.sed,v $ # Revision 3.15 2000/11/12 00:49:25 chouanar # *** empty log message *** # # Revision 3.14 2000/07/18 23:51:12 chouanar # license # # Revision 3.13 2000/07/04 22:49:03 chouanar # typo in the log messages # reported by Sweth Chandramouli # # Revision 3.12 2000/07/04 17:48:05 chouanar # license # # Revision 3.11 2000/05/24 20:35:03 chouanar # *** empty log message *** # # Revision 3.10 2000/05/16 16:08:47 chouanar # typo on nfs variables # # Revision 3.9 2000/04/11 21:31:53 chouanar # enable port monitoring # # Revision 3.8 2000/04/11 21:05:59 chouanar # add coredumpsize limit # # Revision 3.7 2000/03/16 17:05:03 chouanar # Add a max of process per users # # Revision 3.6 2000/03/16 01:30:26 chouanar # forgot the \ at the end of the line # # Revision 3.5 2000/03/15 23:43:47 chouanar # two typo, and remove one set # # Revision 3.4 2000/03/15 23:41:54 chouanar # *** empty log message *** # # Revision 3.3 2000/03/15 23:38:27 chouanar # add more setting suggested by : Robert Montjoy # # Revision 3.2 2000/03/09 18:46:27 chouanar # delete the bsd pty stuff # # Revision 3.1 1999/07/16 21:39:16 chouanar # more advanced tuning, including priority paging and tcp_hash table # # Revision 3.0 1999/03/14 23:16:04 chouanar # new SECclean, Compatible 2.[67], using the new PARCpkgu # # Revision 2.0 1998/11/17 22:48:51 jean # *** empty log message *** # # ************************************************************