Subject: Re: symlink complaints in /etc/security
To: Perry E. Metzger <perry@piermont.com>
From: Luke Mewburn <lukem@NetBSD.org>
List: tech-security
Date: 12/08/2003 12:52:02

On Sun, Dec 07, 2003 at 07:08:22PM -0500, Perry E. Metzger wrote:
  | What do people think of my making check_mtree_follow_symlinks=YES the
  | default in security.conf, and changing /etc/localtime in special to
  | "file" so that doesn't bitch?

Given you've changed your system away from the default in that
circumstance, I'd greatly prefer it if you left the NetBSD
default alone and changed /etc/security.conf on your system.
(Or implement one of my suggestions below :-)


  | The minus is that you won't notice if you don't use any symlinks and
  | someone goes in and adds one you don't want to be added.

Right.

The problem is determining what the correct behaviour is to solve
the problem of replacing existing items with symlinks, without
causing issues with symlinks such as /etc/localtime.

There are at least three solutions I can think of.

    1.	Add a new mtree attribute which directs mtree to
	follow a symlink and check the target type has
	the correct settings.  (A "once off -L", if you like).
	This would be only relevant with mtree -P (the current
	default), and would still require you to edit
	/etc/mtree/special, which isn't optimal.


    2.	Change mtree -L to specially handle type=link entries.
	This could be tricky given that -L enables fts(3)'s
	FTS_LOGICAL.


    3.	Change the way that /etc/mtree/special and
	/etc/mtree/special.local are used by /etc/security, such
	that entries in special.local override entries in special.
	Then, if you make changes such as replacing directories
	with symlinks, add the new entry to special.local.

	I like this option much better, since it doesn't involve
	adding more special cases to mtree, and allows the end user
	to override NetBSD's /etc/mtree/special defaults without
	fear of losing the changes when postinstall (et al) is run.

	Using "mtree -C -K all" on the various special files, massaged
	and merged with a bit of awk (for example) could be useful here.
	This gets a bit tricky if special contains a directory with
	children that you want to replace with a symlink in
	special.local (and remove the children from the resultant list).


Cheers,
Luke.

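The merge sketched in option 3 above, written out as an added example. This is
not code from the thread, from /etc/security or from mtree itself; the function
name, the sample spec contents and the temporary file layout are mine. It assumes
both inputs are in the one-entry-per-line, full-path form that "mtree -C -K all"
produces ("./path key=value key=value ..."), that the merged result is fed back
to mtree in that same form, and that a path which special.local turns into
type=link should have every child it had in special dropped from the result
(the tricky case the text mentions). Entries present only in special.local are
appended after the base entries so that parents from special still precede
their children.

```sh
#!/bin/sh
# Added example: merge two flattened mtree specs so that entries in the
# local spec override entries in the base spec, and so that the children of
# any path the local spec turns into a symlink are dropped.
# Not NetBSD's /etc/security or mtree code; names below are hypothetical.

merge_mtree_specs() {
    # $1 = base spec  (e.g. "mtree -C -K all -f /etc/mtree/special" output)
    # $2 = local spec (e.g. "mtree -C -K all -f /etc/mtree/special.local" output)
    awk '
    # Ignore blank lines, comments and any stray /set-style directive
    # (mtree -C expands /set, so this is only defensive).
    /^[ \t]*$/ || /^#/ || /^\// { next }

    # Pass 1: the local spec (first file on the command line).
    # Keyed on FILENAME rather than FNR==NR so an empty local spec does not
    # make awk treat the base spec as the local one.
    FILENAME == ARGV[1] {
        path = $1
        if (!(path in override)) order[n++] = path
        override[path] = $0
        if ($0 ~ /(^| )type=link( |$)/) linkpfx[path] = 1
        next
    }

    # Pass 2: the base spec, emitted in its original order.
    {
        path = $1
        # Same path in the local spec: print the local line in its place.
        if (path in override) {
            print override[path]
            emitted[path] = 1
            next
        }
        # Child of a path the local spec turned into a symlink: drop it, so
        # mtree does not check entries below something that is now a link.
        for (l in linkpfx)
            if (index(path, l "/") == 1) next
        print
    }

    # Entries that exist only in the local spec go last, in their own order.
    END {
        for (i = 0; i < n; i++)
            if (!(order[i] in emitted)) print override[order[i]]
    }
    ' "$2" "$1"
}

# Constructed sample input in the shape "mtree -C -K all" emits; these are
# not the real contents of /etc/mtree/special or special.local.
tmp=$(mktemp -d) || exit 1
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/special" <<'EOF'
. type=dir uname=root gname=wheel mode=0755
./etc type=dir uname=root gname=wheel mode=0755
./etc/localtime type=link uname=root gname=wheel mode=0644
./etc/passwd type=file uname=root gname=wheel mode=0644
./var type=dir uname=root gname=wheel mode=0755
./var/cron type=dir uname=root gname=wheel mode=0755
./var/cron/tabs type=dir uname=root gname=wheel mode=0750
EOF
cat > "$tmp/special.local" <<'EOF'
# localtime is a plain file on this host; /var/cron is now a symlink
./etc/localtime type=file uname=root gname=wheel mode=0644
./var/cron type=link uname=root gname=wheel mode=0755
./etc/myapp.conf type=file uname=root gname=wheel mode=0600
EOF

# Merged spec: localtime becomes type=file, /var/cron becomes type=link and
# its child ./var/cron/tabs disappears, ./etc/myapp.conf is appended.
merge_mtree_specs "$tmp/special" "$tmp/special.local"
```

The merged output can be written to a file and handed to mtree with -f in place
of /etc/mtree/special; because the lines carry full paths, the only ordering
that matters is that a parent appears before its children, which the merge
preserves by substituting local lines in place rather than reordering.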