View my profile
# cd /var/svc/profile
# mv generic.xml _generic.xml
# ln -s generic_limited_net.xml generic.xml
# svccfg apply /var/svc/profile/generic_limited_net.xml
Unfortunately there are still some of them left, ex. webconsole, rpc/bind.
I like plain environment, with only ssh service exposed. It could be simply done with this litte piece of code:
#!/bin/bash
SERVICES='autofs cde fc-cache ktkt_warn management ogl-select print rpc sendmail stfsloader stosreg webconsole'
netservices limited
for S in $SERVICES; do
for SVC in `svcs |sed "/$S/!d;s/.*\ svc/svc/"`; do
svcadm disable $SVC
done
done
No comments:
Post a Comment