Re: daily vs named

To: netbsd-users%netbsd.org@localhost
Subject: Re: daily vs named
From: Valery Ushakov <uwe%stderr.spb.ru@localhost>
Date: Wed, 18 Sep 2019 15:46:07 +0300

On Wed, Sep 18, 2019 at 12:25:57 +0100, Stephen Borrill wrote:

> On Tue, 17 Sep 2019, Dima Veselov wrote:
>
> > its not a great issue, but I wish to know if there is a clue
> > to daily(5) not complaining about relocated named(8).
> > I always move named(8) to /var/chroot as it is supposed
> > in rc.conf for security. After that daily(5) always complain:
> > 
> > Checking special files and directories. etc/namedb:
> >        type (dir, link) etc/named.conf:
> >        type (file, link)
> > 
> > Maybe there are some security exclusion mechanism around
> > distfiles?
> 
> You could do one of the following:
> 1) Add check_mtree_follow_symlinks=YES to /etc/security.conf
> 2) Add your own edited mtree entries to /etc/mtree/special.local

Yeah.  I have on my namesever:

$ cat /etc/mtree/special.local 
./etc/named.conf                type=link mode=0755
./etc/namedb                    type=link mode=0755


Perhaps we should install an empty (comment only) special.conf by
default.

-uwe

References:
- daily vs named
  - From: Dima Veselov
- Re: daily vs named
  - From: Stephen Borrill

Prev by Date: Re: daily vs named
Next by Date: Re: netbsd-9 build failed
Previous by Thread: Re: daily vs named
Next by Thread: addition to man pages?
Indexes:

Home | Main Index | Thread Index | Old Index