On 2016/04/10 18:50, Ingo Schwarze wrote: > [Cc:ing the print/cups maintainer] > > Hi Stephen, > > Stephen Hassard wrote on Sat, Apr 09, 2016 at 06:30:04PM +0000: > > > After installing the cups package I'm getting a warning from the daily > > insecurity check about /etc/printcap. > > > > The security output is as follows: > > --- > > Checking special files and directories. > > Output format is: > > filename: > > criteria (shouldbe, reallyis) > > etc/printcap: > > type (file, link) > > permissions (0644, 0755) > > mtree special: exit code 2 > > --- > > > > It seems that security is incorrectly reporting the mode of the symlink > > rather than the target file (/etc/cups/printcap in this case) which has > > the recommended 644 mode. > > Changing which mode is checked won't help you because security(8) > also complains that printcap(5) is a symlink rather than the expected > regular file. So you would still et spammed. > > Antoine, is it normal that CUPS replaces /etc/printcap with a symlink? > Any idea how to prevent people from getting spammed about that? > If we had an idea, we could explain it in README-main, which is > already quite good in many other respects. > > Yours, > Ingo >
That is normal. Between that, a few files where I have slightly wider read permissions for operational reasons, and the check on the DNSSEC root key in /var/unbound/db/root.key (where the timestamp in a comment is updated twice a day in normal operations), I divert those mails from many systems to a rarely read folder.. I'd be much more likely to read these if it only reported when there are *differences* in the mtree output.
