|
»
»
« Return to Thread: amd64 on SU9400
Re: security.conf and xdm/xfs
by neys
::
Rate this Message:
Manuel Bouyer wrote:
> On Thu, Jul 16, 2009 at 09:41:31AM +0200, neys wrote:
>> hello,
>>
>> i set up a box with netbsd 5.0 amd64. there are no X-components installed,
>> therefore the files /etc/rc.d/xdm and /etc/rc.d/xfs are missing. so
>> security checks from /etc/daily always claim:
>>
>> Checking special files and directories.
>> missing: ./etc/rc.d/xdm
>> missing: ./etc/rc.d/xfs
>>
>>
>> because of this part from man security.conf(5):
>>
>> The following mtree(8) tags modify how files are determined from
>> /etc/mtree/special and /etc/mtree/special.local:
>> exclude The entry is ignored; no backups are made
>> and the differences are not displayed.
>> This includes dynamic or binary files such
>> as /var/run/utmp.
>>
>> nodiff The entry is backed up but the differences
>> are not displayed because the contents of
>> the file are sensitive. This includes
>> files such as /etc/master.passwd.
>>
>> i tried to block the check of those files by adding the following two lines
>> to /etc/mtree/special.local:
>>
>> ./etc/rc.d/xdm type=file mode=0555 tags=exclude
>> ./etc/rc.d/xfs type=file mode=0555 tags=exclude
>>
>>
>> but this does not change anything. is there a way to get rid of the check
>> for those files beside deleting the appropriate lines from
>> /etc/mtree/special?
>
> I added
> ./etc/rc.d/xdm type=file mode=0555 optional
> ./etc/rc.d/xfs type=file mode=0555 optional
>
> to /etc/mtree/special.local
>
that works! man mtree is the right place to look at.
thanks for the help.
> On Thu, Jul 16, 2009 at 09:41:31AM +0200, neys wrote:
>> hello,
>>
>> i set up a box with netbsd 5.0 amd64. there are no X-components installed,
>> therefore the files /etc/rc.d/xdm and /etc/rc.d/xfs are missing. so
>> security checks from /etc/daily always claim:
>>
>> Checking special files and directories.
>> missing: ./etc/rc.d/xdm
>> missing: ./etc/rc.d/xfs
>>
>>
>> because of this part from man security.conf(5):
>>
>> The following mtree(8) tags modify how files are determined from
>> /etc/mtree/special and /etc/mtree/special.local:
>> exclude The entry is ignored; no backups are made
>> and the differences are not displayed.
>> This includes dynamic or binary files such
>> as /var/run/utmp.
>>
>> nodiff The entry is backed up but the differences
>> are not displayed because the contents of
>> the file are sensitive. This includes
>> files such as /etc/master.passwd.
>>
>> i tried to block the check of those files by adding the following two lines
>> to /etc/mtree/special.local:
>>
>> ./etc/rc.d/xdm type=file mode=0555 tags=exclude
>> ./etc/rc.d/xfs type=file mode=0555 tags=exclude
>>
>>
>> but this does not change anything. is there a way to get rid of the check
>> for those files beside deleting the appropriate lines from
>> /etc/mtree/special?
>
> I added
> ./etc/rc.d/xdm type=file mode=0555 optional
> ./etc/rc.d/xfs type=file mode=0555 optional
>
> to /etc/mtree/special.local
>
that works! man mtree is the right place to look at.
thanks for the help.
« Return to Thread: amd64 on SU9400
| Free embeddable forum powered by Nabble | Forum Help |
