From c2a65919a8bd71611b9db9fd0dbcae9cc8fca445 Mon Sep 17 00:00:00 2001 From: Dru Lavigne Date: Fri, 18 Apr 2014 19:42:57 +0000 Subject: [PATCH] Fix some redundancy and title capitalization in Security chapter. Sponsored by: iXsystems --- .../books/handbook/security/chapter.xml | 35 +++++++++---------- 1 file changed, 17 insertions(+), 18 deletions(-) diff --git a/en_US.ISO8859-1/books/handbook/security/chapter.xml b/en_US.ISO8859-1/books/handbook/security/chapter.xml index 2498d21472..5fcd9d35bc 100644 --- a/en_US.ISO8859-1/books/handbook/security/chapter.xml +++ b/en_US.ISO8859-1/books/handbook/security/chapter.xml @@ -242,8 +242,8 @@ and even lock users into running only single, privileged commands such as &man.service.8; - After installation, edit the - /usr/local/etc/sudoers file by using + After installation, edit + /usr/local/etc/sudoers using the visudo interface. In this example, a new webadmin group will be added, the user trhodes to that group, and @@ -322,9 +322,8 @@ also enforce mixed characters. In particular the &man.pam.passwdqc.8; will be discussed. - To proceed, open the - /etc/pam.d/passwd file and add the - following line to the file. + To proceed, add the following line to + /etc/pam.d/passwd: password requisite pam_passwdqc.so min=disabled,disabled,disabled,12,10 similar=deny retry=3 enforce=users @@ -408,18 +407,18 @@ Enter new password: A backdoor or rootkit software does do one thing useful for administrators - once detected, it is a sign that a compromise happened at some point. But normally these types - types of applications are hidden very well. Tools do exist + of applications are hidden very well. Tools do exist to detect backdoors and rootkits, one of them is security/rkhunter. - After installation the system may be checked using the - following command which will produce a lot of - information: + After installation, the system may be checked using the + following command. It will produce a lot of + information and will require some manual + pressing of the ENTER key: &prompt.root; rkhunter -c - After the process complete, which will require some manual - pressing of the ENTER key, a status message + After the process completes, a status message will be printed to the screen. This message will include the amount of files checked, suspect files, possible rootkits, and more. During the check, some generic security warnings may @@ -477,8 +476,8 @@ Enter new password: &prompt.root; mtree: /bin checksum: 3427012225 - Viewing the bin_cksum_mtree file - should yield output similar to the following as well: + Viewing bin_cksum_mtree + should yield output similar to the following: # user: root # machine: dreadnaught @@ -518,8 +517,8 @@ Enter new password: was originally ran. Since no changes occurred in the time these commands were ran, the bin_chksum_output output will be empty. - To simulate a change, change the date on the - /bin/cat file using &man.touch.1; and run + To simulate a change, change the date on + /bin/cat using &man.touch.1; and run the verification command again: &prompt.root; touch /bin/cat @@ -1264,7 +1263,7 @@ Aug 27 15:37:58 Aug 28 01:37:58 krbtgt/EXAMPLE.ORG@EXAMPLE.ORG - Configuring a Server to use + <title>Configuring a Server to Use <application>Kerberos</application> @@ -1356,7 +1355,7 @@ kadmin> exit - Configuring a Client to use + <title>Configuring a Client to Use <application>Kerberos</application> @@ -2899,7 +2898,7 @@ user@unfirewalled-system.example.org's password: *******< - Don't confuse /etc/ssh/sshd_config + Do not confuse /etc/ssh/sshd_config with /etc/ssh/ssh_config (note the extra d in the first filename). The first file configures the server and the second file