--/NkBOFFp2J2Af1nK
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Jun 11, 2007 at 09:08:44AM -0400, Chris Ross wrote:
  |   I have an /etc/dhclient-exit-hooks on one of my hosts, and I am =20
  | getting output from /etc/security runs complaining about the =20
  | permissions.  It's currently mode 0555.  I see that /etc/mtree/=20
  | special lists that it (and dhclient-enter-hooks) should be 0644 (or =20
  | less?).  This is an error, I think.
  |=20
  |   The man page for dhclient-script(8) notes that these files must be =
=20
  | executable to be used.  Therefore, I think the etc/mtree/special file =
=20
  | should be changed to indicate that this is allowed, if not required.
  |=20
  |   Let me know if I've gotten something wrong, but...


The implementation of /sbin/dhclient-script just detects the
presence of the hook files using test -f, rather than testing
for executable status with test -x, so installing the hooks
as 0644 should be sufficient.

I think that the documentation for dhclient-script(8) is a bit unclear.
Have you asked on dhcp-client@isc.org for a definitive answer?

cheers,
Luke.

--/NkBOFFp2J2Af1nK
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (NetBSD)

iD8DBQFGchYmpBhtmn8zJHIRAkfsAJ9fWbptpmwjKtThzvxUEzSzriLveQCeIeru
eiznjF1pqCh8XU0LCwdobbw=
=/C6v
-----END PGP SIGNATURE-----

--/NkBOFFp2J2Af1nK--