Differences

This shows you the differences between two versions of the page.

--- openbsd:shell [2019/12/01 05:26]
jrmu
+++ openbsd:shell [2020/05/19 00:27] (current)
jrmu
@@ Line 17: / Line 17: @@
         }
 </code>
+Update: hiding logs was causing problems
 We also hide logs in /var/logs and /var/www/logs
@@ Line 148: / Line 150: @@
 zip-3.0p1           create/update ZIP files compatible with PKZip(tm)
 zstd-1.4.3          zstandard fast real-time compression algorithm
+</code>
+To set the user's default prompt to  "username$ ", stick this into /etc/profile:
+<code>
+export PS1="`whoami`$ "
+</code>
+<code>
+             # chmod -R o-rx /var/log
+             # chmod o-rx /var/run/utmp
+             # chmod o-r /var/log/wtmp*
 </code>
@@ Line 159: / Line 173: @@
 # chmod 750 /var/log
 # chmod o-rx /var/log/*
+# chmod -R o-rx /etc/mail
 </code>
@@ Line 191: / Line 206: @@
 <code>
              # find / -perm -4000
+</code>
+Check /etc/groups to make sure that no user is a member of wheel. This will prevent them from su to root even if they know the password.
+In /etc/ssh/sshd_config, turn off X11 forwarding
+Create symlinks for users so they don't complain:
+<code>
+ln -s /usr/local/bin/tclsh8.6 /usr/local/bin/tclsh
+ln -s /usr/local/bin/python3.7 /usr/local/bin/python
+</code>
+You will want to have /var/www/etc/resolv.conf to allow DNS lookup inside the chroot:
+<code>
+# mkdir /var/www/etc/
+# cp /etc/resolv.conf /var/www/etc/
+# chown -R www:daemon /var/www/etc
 </code>

IRCNow