pascalc6 <[EMAIL PROTECTED]> writes: > http://qa.mandrakesoft.com/show_bug.cgi?id=1739 > > [EMAIL PROTECTED] changed: > > What |Removed |Added > ---------------------------------------------------------------------------- > Severity|normal |major > Priority|P2 |P1 > Platform|Other |PC
This is 2 different things, setting CHECK_PROMISC to no only remove this part of the daily reports. If you want to disable the continuous check use the following: enable_promisc_check(no) @resolution=invalid > ------- Additional Comments From [EMAIL PROTECTED] 2003-03-07 11:57 ------- > after setting check_promisc to 0 in /etc/security/msec/level.local > and running msec > > Mar 7 11:43:00 spirit CROND[4154]: (root) CMD ( > /usr/share/msec/promisc_check.sh) > Mar 7 11:44:00 spirit CROND[4185]: (root) CMD ( > /usr/share/msec/promisc_check.sh) > Mar 7 11:45:00 spirit CROND[4208]: (root) CMD ( > /usr/share/msec/promisc_check.sh) > Mar 7 11:46:00 spirit CROND[4228]: (root) CMD ( > /usr/share/msec/promisc_check.sh) > Mar 7 11:47:00 spirit CROND[4243]: (root) CMD ( > /usr/share/msec/promisc_check.sh) > Mar 7 11:48:00 spirit CROND[4275]: (root) CMD ( > /usr/share/msec/promisc_check.sh) > Mar 7 11:48:32 spirit msec: ### Program is starting ### > Mar 7 11:48:32 spirit msec: Reading local rules from > /etc/security/msec/level.local > Mar 7 11:48:33 spirit msec: Forbidding the X server to listen to tcp > connection > Mar 7 11:48:33 spirit msec: Allowing chkconfig --add from rpm > Mar 7 11:48:33 spirit msec: Setting password maximum aging for new > user to 180 > Mar 7 11:48:33 spirit msec: Setting password maximum aging for root > and users with id greater than 500 to 180 and delay to 10 days > Mar 7 11:48:33 spirit msec: User root in password aging exception list > Mar 7 11:48:33 spirit msec: User pascal in password aging exception > list > Mar 7 11:48:33 spirit msec: Allowing reboot to the console user > Mar 7 11:48:33 spirit msec: Writing config files and then taking needed > actions > Mar 7 11:48:33 spirit msec: Fixing owners and permissions of files and > directories > Mar 7 11:48:33 spirit msec: Reading data from /usr/share/msec/perm.3 > Mar 7 11:48:33 spirit msec: Reading data from > /etc/security/msec/perm.local > Mar 7 11:49:00 spirit CROND[4303]: (root) CMD ( > /usr/share/msec/promisc_check.sh) > > check promisc still in effet ! > > > > ------- You are receiving this mail because: ------- > You are on the CC list for the bug, or are watching someone who is. > > > > ------- Reminder: ------- > assigned_to: [EMAIL PROTECTED] > status: UNCONFIRMED > creation_date: > description: > # ls -l /etc/cron.d/msec > -rw-r--r-- 1 root root 56 f�v 5 10:01 /etc/cron.d/msec > [EMAIL PROTECTED] root]# cat /etc/cron.d > cron.d cron.daily > [EMAIL PROTECTED] root]# cat /etc/cron.d/msec > */1 * * * * root /usr/share/msec/promisc_check.sh > [EMAIL PROTECTED] root]# cat /etc/security/msec/ > level.local perm.local security.conf server.4 server.5 > [EMAIL PROTECTED] root]# cat /etc/security/msec/se > security.conf server.4 server.5 > [EMAIL PROTECTED] root]# cat /etc/security/msec/security.conf > TTY_WARN=no > SYSLOG_WARN=no > MAIL_WARN=yes > MAIL_USER=root > CHECK_UNOWNED=yes > CHECK_SHADOW=yes > CHECK_SUID_MD5=yes > CHECK_SECURITY=yes > CHECK_PASSWD=yes > CHECK_SUID_ROOT=yes > CHECK_PERMS=yes > CHECK_PROMISC=yes > CHECK_WRITABLE=yes > CHECK_OPEN_PORT=yes > CHECK_SGID=yes > CHKROOTKIT_CHECK=yes > RPM_CHECK=yes > [EMAIL PROTECTED] root]# vi /etc/security/msec/security.conf > [EMAIL PROTECTED] root]# cat /etc/security/msec/security.conf > TTY_WARN=no > SYSLOG_WARN=no > MAIL_WARN=yes > MAIL_USER=root > CHECK_UNOWNED=yes > CHECK_SHADOW=yes > CHECK_SUID_MD5=yes > CHECK_SECURITY=yes > CHECK_PASSWD=yes > CHECK_SUID_ROOT=yes > CHECK_PERMS=yes > CHECK_PROMISC=no > CHECK_WRITABLE=yes > CHECK_OPEN_PORT=yes > CHECK_SGID=yes > CHKROOTKIT_CHECK=yes > RPM_CHECK=yes > [EMAIL PROTECTED] root]# msec > [EMAIL PROTECTED] root]# cat /etc/security/msec/security.conf > TTY_WARN=no > SYSLOG_WARN=no > MAIL_WARN=yes > MAIL_USER=root > CHECK_UNOWNED=yes > CHECK_SHADOW=yes > CHECK_SUID_MD5=yes > CHECK_SECURITY=yes > CHECK_PASSWD=yes > CHECK_SUID_ROOT=yes > CHECK_PERMS=yes > CHECK_PROMISC=no > CHECK_WRITABLE=yes > CHECK_OPEN_PORT=yes > CHECK_SGID=yes > CHKROOTKIT_CHECK=yes > RPM_CHECK=yes > [EMAIL PROTECTED] root]# cat /etc/cron.d/msec > */1 * * * * root /usr/share/msec/promisc_check.sh > [EMAIL PROTECTED] root]# ls -l /etc/cron.d/msec > -rw-r--r-- 1 root root 56 f�v 5 10:01 /etc/cron.d/msec > [EMAIL PROTECTED] root]# > > the cron job has not been removed ! > -- Fred - May the source be with you
