From: Marshall Midden <m4@nts.umn.edu>
Date: Wed, 15 Oct 1997 16:03:42 -0700 (PDT)
To: tech@openbsd.org
Subject: Document on Customizing OpenBSD after install
Message-ID: <199710152020.PAA24415@unet.unet.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


Is there a checklist someplace on what to do after the install of OpenBSD 2.2?

I'm thinking like:
   1) Go into /etc
	a) Verify disks and network interfaces configured correctly.
	   Files: fstab, hosts, myname, hostname.le0, mygate, resolv.conf, defaultdomain.
	   You might wish to turn off multicast routing in /etc/netstart.
	b) Edit motd to make lawyers comfortable and delete "Welcome".
	c) Fix passwd via "vipw" to change passwords, set up users, etc.
	   Make sure password on "root".  Default is no password from console, and
	   disabled from network.  Make sure to edit "group" for any user groups,
	   and to put people into the wheel group if they need root access.
	d) Any local configuration change in: rc.conf, rc.local
	e) printcap, hosts.lpd	Get printers set up
	f) Tighten security:
		fbtab		Set security for X
		inetd.conf	Turn off extra stuff, add that which is really needed.
		rc.securelevel	Turn on Network Time Protocol.
	g) kerberosIV		Get kerberos configured.  Remember to get a srvtab.
	h) aliases		Local mail delivery (set postmaster, etc).  Run newaliases
	   after changes.
	i) bootptab		If this is a bootp server.
	j) ccd.conf		If using concatenated disks (striped, etc).
	k) exports		If this is an NFS server.
	m) NIS (old yellow pages), hosts.equiv, defaultdomain, etc.
	n) ifaliases for www, etc.
	o) daily, weekly, monthly.
	p) "amd" directory if using this package.
	q) rbootd if needed for remote booting (ethernet MAC address to IP translation).
	r) Any other files and directories in /etc.

   2) crontab -l.		Do you need anything else?
   3) After the first nights security run, change ownerships and permissions on things.
	Best bet is to have permissions as in the security list.