Basics

I am using a pre-release version, and something is horribly broken! Help!

Remember, pre-release versions are just that–pre-release, and thus not recommended for use on production systems. If your system is supported by the most recent release version, we recommend that you use that version on any production systems. If you require new features/OS support that is not provided by the most recent release version, or just enjoy playing with the cutting edge, then feel free to help us test pre-release versions. If, given the above, you are having problems with a pre-release version, before trying anything else, please make sure you are using the most recent pre-release, as many bugs get caught quickly by our wonderful testers, and fixed just as quickly in new pre-relase versions.

If you are using the most recent version and are still having problems, then please check the bastille-discuss mailing list archives to see if a solution to your problem has already been discussed. If not, or if you realize that you have gotten yourself in over your head and need some urgent help, please feel free to write to the list and describe your problem. (Just remember that everyone on the list is a volunteer; while you may often get your problem fixed very quickly, everyone who might be able to help you might also be busy with their day jobs for a while and thus take a while to get back to you.)

I just installed Bastille, and now KDE doesn’t work.

This is probably due to a bug in the version of xinetd that RedHat shipped with RH7.2. If you are running RH7.2 and cannot login using KDE (with failed login attempts possibly accompanied by a slew of emails claiming “Port Denial noted fam-unknown”), try adding the following line to your /etc/hosts.allow file before any DENY lines that might be present in that file:

fam : ALL : ALLOW Note that this opens up access to a service on your machine (FAM) for all other networked machines. If you are also using bastille to configure your machine’s network access controls (via ipchains/ipfilter), then this should not be a huge security hole; however, due to a bug in the address reported to libwrap by the version of xinetd in question, there is no way to enabled FAM for just the local machine. Also note that for high-security machines, running a GUI console is discouraged.

(Also note that there are reports of similar problems with GNOME, but none that have been confirmed as of yet; if you do run into GNOME FAM problems, please contact the list to let us know how you worked around them.)(https://github.com/contact) and we’ll help you sort it out.