summaryrefslogtreecommitdiff
path: root/net-misc/rancid/files/rancid-2.3.8-config.patch
diff options
context:
space:
mode:
Diffstat (limited to 'net-misc/rancid/files/rancid-2.3.8-config.patch')
-rw-r--r--net-misc/rancid/files/rancid-2.3.8-config.patch33
1 files changed, 0 insertions, 33 deletions
diff --git a/net-misc/rancid/files/rancid-2.3.8-config.patch b/net-misc/rancid/files/rancid-2.3.8-config.patch
deleted file mode 100644
index f39f28382da8..000000000000
--- a/net-misc/rancid/files/rancid-2.3.8-config.patch
+++ /dev/null
@@ -1,33 +0,0 @@
---- etc/rancid.conf.sample.in
-+++ etc/rancid.conf.sample.in
-@@ -42,7 +42,10 @@
- RCSSYS=@RCSSYS@; export RCSSYS
- #
- # if ACLSORT is NO, access-lists will NOT be sorted.
--#ACLSORT=YES; export ACLSORT
-+#
-+#Gentoo - changing default to NO because access-list order matters in most instances
-+#and many people expect to use rancid as a backup system
-+ACLSORT=NO; export ACLSORT
- #
- # if NOPIPE is set, temp files will be used instead of a cmd pipe during
- # collection from the router(s).
-@@ -50,10 +53,16 @@
- #
- # FILTER_PWDS determines which passwords are filtered from configs by the
- # value set (NO | YES | ALL). see rancid.conf(5).
--#FILTER_PWDS=YES; export FILTER_PWDS
-+#
-+#Gentoo - changing default to ALL; diffs are emailed and even the most secure
-+#password hashes on most routers are easily brute-forceable with modern systems
-+FILTER_PWDS=ALL; export FILTER_PWDS
- #
- # if NOCOMMSTR is set, snmp community strings will be stripped from the configs
--#NOCOMMSTR=YES; export NOCOMMSTR
-+#
-+#Gentoo - changing default to YES; diffs are emailed and SNMP communities
-+#can be just as dangerous as passwords
-+NOCOMMSTR=YES; export NOCOMMSTR
- #
- # How many times failed collections are retried (for each run) before
- # giving up. Minimum: 1
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-14 12:41:21 +0000