Port-amd64 archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: security.conf and xdm/xfs

Manuel Bouyer wrote:
On Thu, Jul 16, 2009 at 09:41:31AM +0200, neys wrote:

i set up a box with netbsd 5.0 amd64. there are no X-components installed, therefore the files /etc/rc.d/xdm and /etc/rc.d/xfs are missing. so security checks from /etc/daily always claim:

Checking special files and directories.
missing: ./etc/rc.d/xdm
missing: ./etc/rc.d/xfs

because of this part from man security.conf(5):

The following mtree(8) tags modify how files are determined from /etc/mtree/special and /etc/mtree/special.local:
    exclude  The entry is ignored; no backups are made
             and the differences are not displayed.
             This includes dynamic or binary files such
             as /var/run/utmp.

    nodiff   The entry is backed up but the differences
             are not displayed because the contents of
             the file are sensitive.  This includes
             files such as /etc/master.passwd.

i tried to block the check of those files by adding the following two lines to /etc/mtree/special.local:

./etc/rc.d/xdm type=file mode=0555 tags=exclude
./etc/rc.d/xfs type=file mode=0555 tags=exclude

but this does not change anything. is there a way to get rid of the check for those files beside deleting the appropriate lines from /etc/mtree/special?

I added
./etc/rc.d/xdm                  type=file mode=0555     optional
./etc/rc.d/xfs                  type=file mode=0555     optional

to /etc/mtree/special.local

that works! man mtree is the right place to look at.

thanks for the help.

Home | Main Index | Thread Index | Old Index