From e76cb515ee0f26d9009f2a5561629dbbb4502741 Mon Sep 17 00:00:00 2001
From: Eugeni Dodonov <eugeni@mandriva.org>
Date: Wed, 11 Mar 2009 23:16:48 +0000
Subject: Changed server files to support remote/local services.

---
 src/msec/config.py  | 2 +-
 src/msec/libmsec.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/msec/config.py b/src/msec/config.py
index c79910e..1402c59 100644
--- a/src/msec/config.py
+++ b/src/msec/config.py
@@ -91,7 +91,7 @@ SETTINGS =    {'BASE_LEVEL':                    ("libmsec.base_level",
                'ALLOW_XAUTH_FROM_ROOT':         ("libmsec.allow_xauth_from_root",           ['yes', 'no']),
                'ALLOW_XSERVER_TO_LISTEN':       ("libmsec.allow_xserver_to_listen",         ['yes', 'no']),
                'AUTHORIZE_SERVICES':            ("libmsec.authorize_services",              ['yes', 'no', 'local']),
-               'CREATE_SERVER_LINK':            ("libmsec.create_server_link",              ['no', 'standard', 'secure']),
+               'CREATE_SERVER_LINK':            ("libmsec.create_server_link",              ['no', 'remote', 'local']),
                'ENABLE_AT_CRONTAB':             ("libmsec.enable_at_crontab",               ['yes', 'no']),
                'ENABLE_CONSOLE_LOG':            ("libmsec.enable_console_log",              ['yes', 'no']),
                'ENABLE_DNS_SPOOFING_PROTECTION':("libmsec.enable_ip_spoofing_protection",   ['yes', 'no']),
diff --git a/src/msec/libmsec.py b/src/msec/libmsec.py
index 6c1d8b9..e39f8a8 100755
--- a/src/msec/libmsec.py
+++ b/src/msec/libmsec.py
@@ -826,7 +826,7 @@ class MSEC:
         pass
 
     def create_server_link(self, param):
-        '''  Creates the symlink /etc/security/msec/server to point to /etc/security/msec/server.SERVER_LEVEL. The /etc/security/msec/server is used by chkconfig --add to decide to add a service if it is present in the file during the installation of packages.'''
+        '''  Creates the symlink /etc/security/msec/server to point to /etc/security/msec/server.SERVER_LEVEL. The /etc/security/msec/server is used by chkconfig --add to decide to add a service if it is present in the file during the installation of packages. By default, two presets are provided: local (which only enables local services) and remote (which also enables some remote services considered safe). Note that the allowed services must be placed manually into the server.SERVER_LEVEL files when necessary.'''
         server = self.configfiles.get_config_file(SERVER)
 
         if param == "no":
-- 
cgit v1.2.1