57 lines
1.5 KiB
Bash
57 lines
1.5 KiB
Bash
#!/bin/sh -e
|
|
|
|
create_hosts_files() {
|
|
if [ ! -e /etc/hosts.allow ]; then
|
|
cat > /etc/hosts.allow <<EOF
|
|
# /etc/hosts.allow: list of hosts that are allowed to access the system.
|
|
# See the manual pages hosts_access(5) and hosts_options(5).
|
|
#
|
|
# Example: ALL: LOCAL @some_netgroup
|
|
# ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
|
|
#
|
|
# If you're going to protect the portmapper use the name "rpcbind" for the
|
|
# daemon name. See rpcbind(8) and rpc.mountd(8) for further information.
|
|
#
|
|
|
|
EOF
|
|
fi
|
|
|
|
if [ ! -e /etc/hosts.deny ]; then
|
|
cat > /etc/hosts.deny <<EOF
|
|
# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.
|
|
# See the manual pages hosts_access(5) and hosts_options(5).
|
|
#
|
|
# Example: ALL: some.host.name, .some.domain
|
|
# ALL EXCEPT in.fingerd: other.host.name, .other.domain
|
|
#
|
|
# If you're going to protect the portmapper use the name "rpcbind" for the
|
|
# daemon name. See rpcbind(8) and rpc.mountd(8) for further information.
|
|
#
|
|
# The PARANOID wildcard matches any host whose name does not match its
|
|
# address.
|
|
#
|
|
# You may wish to enable this to ensure any programs that don't
|
|
# validate looked up hostnames still leave understandable logs. In past
|
|
# versions of Debian this has been the default.
|
|
# ALL: PARANOID
|
|
|
|
EOF
|
|
fi
|
|
}
|
|
|
|
case "$1" in
|
|
configure)
|
|
create_hosts_files
|
|
;;
|
|
|
|
abort-upgrade|abort-remove|abort-deconfigure)
|
|
;;
|
|
|
|
*)
|
|
echo "postinst called with unknown argument '$1'" >&2
|
|
exit 1
|
|
;;
|
|
esac
|
|
|
|
#DEBHELPER#
|