|
»
»
« Return to Thread: amd64 on SU9400
Re: security.conf and xdm/xfs
by Manuel Bouyer
::
Rate this Message:
On Thu, Jul 16, 2009 at 09:41:31AM +0200, neys wrote:
> hello,
>
> i set up a box with netbsd 5.0 amd64. there are no X-components installed,
> therefore the files /etc/rc.d/xdm and /etc/rc.d/xfs are missing. so
> security checks from /etc/daily always claim:
>
> Checking special files and directories.
> missing: ./etc/rc.d/xdm
> missing: ./etc/rc.d/xfs
>
>
> because of this part from man security.conf(5):
>
> The following mtree(8) tags modify how files are determined from
> /etc/mtree/special and /etc/mtree/special.local:
> exclude The entry is ignored; no backups are made
> and the differences are not displayed.
> This includes dynamic or binary files such
> as /var/run/utmp.
>
> nodiff The entry is backed up but the differences
> are not displayed because the contents of
> the file are sensitive. This includes
> files such as /etc/master.passwd.
>
> i tried to block the check of those files by adding the following two lines
> to /etc/mtree/special.local:
>
> ./etc/rc.d/xdm type=file mode=0555 tags=exclude
> ./etc/rc.d/xfs type=file mode=0555 tags=exclude
>
>
> but this does not change anything. is there a way to get rid of the check
> for those files beside deleting the appropriate lines from
> /etc/mtree/special?
I added
./etc/rc.d/xdm type=file mode=0555 optional
./etc/rc.d/xfs type=file mode=0555 optional
to /etc/mtree/special.local
--
Manuel Bouyer <bouyer@...>
NetBSD: 26 ans d'experience feront toujours la difference
--
> hello,
>
> i set up a box with netbsd 5.0 amd64. there are no X-components installed,
> therefore the files /etc/rc.d/xdm and /etc/rc.d/xfs are missing. so
> security checks from /etc/daily always claim:
>
> Checking special files and directories.
> missing: ./etc/rc.d/xdm
> missing: ./etc/rc.d/xfs
>
>
> because of this part from man security.conf(5):
>
> The following mtree(8) tags modify how files are determined from
> /etc/mtree/special and /etc/mtree/special.local:
> exclude The entry is ignored; no backups are made
> and the differences are not displayed.
> This includes dynamic or binary files such
> as /var/run/utmp.
>
> nodiff The entry is backed up but the differences
> are not displayed because the contents of
> the file are sensitive. This includes
> files such as /etc/master.passwd.
>
> i tried to block the check of those files by adding the following two lines
> to /etc/mtree/special.local:
>
> ./etc/rc.d/xdm type=file mode=0555 tags=exclude
> ./etc/rc.d/xfs type=file mode=0555 tags=exclude
>
>
> but this does not change anything. is there a way to get rid of the check
> for those files beside deleting the appropriate lines from
> /etc/mtree/special?
I added
./etc/rc.d/xdm type=file mode=0555 optional
./etc/rc.d/xfs type=file mode=0555 optional
to /etc/mtree/special.local
--
Manuel Bouyer <bouyer@...>
NetBSD: 26 ans d'experience feront toujours la difference
--
« Return to Thread: amd64 on SU9400
| Free embeddable forum powered by Nabble | Forum Help |
