netbsd-users: Re: named_chrootdir and daily insecurity output

Subject: Re: named_chrootdir and daily insecurity output
To: Lubomir Sedlacik <salo@Xtrmntr.org>
From: Geert Hendrickx <ghen@telenet.be>
List: netbsd-users
Date: 05/01/2006 17:53:00

--BXVAT5kNtrzKuDFl
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, May 01, 2006 at 05:41:47PM +0200, Lubomir Sedlacik wrote:
> security.conf(5):
>=20
>  check_mtree   This runs mtree(8) to ensure that the system is installed
>                correctly.  The following configuration files are checked:
>=20
>                /etc/mtree/special
>                      Default files to check.
>=20
>                /etc/mtree/special.local
>                      Local site additions.

Aha, that looks good.  Thanks for the pointer. =20

Btw, it seems like my particular case could also be solved by setting
check_mtree_follow_symlinks=3Dyes in /etc/security.conf. =20

	Geert

--BXVAT5kNtrzKuDFl
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (NetBSD)

iQEVAwUBRFYu3ILS9urEu56fAQINqAf+Jpfy2Z0Dynp3iEJx1l00zQCEBf0e7809
DdCIQ061ROfrf9h2PeuJ5uhDI3m1noJivxF7x/zb0Dps9QYx8v41jFRbmSalDlHf
10yHm/It+e/hI8K0ke6xerpKaCosVA0jQvQJxZ/ce+d3Jpf7LXe7uP7u0fB9KZkt
I9iJWHX9PlCpEBaJm3U6fOcAmI9o6JjmXFrQpLYvSCpxVDMA2w5iDck3zf4z3t54
qAuCdtpCU/aRBFntZg7QyDLFWLzKGqNvLv4GNtZ/VrU/KtcDn/o4k4bFMEcZpicZ
vRT9rpt7Msveby29aWl89xFLR/iLFIzK2iC3wBTXn8gCg3ApOCwGYA==
=NNWO
-----END PGP SIGNATURE-----

--BXVAT5kNtrzKuDFl--