On 10/22/2013 10:02 AM, Linlin Yan (颜林林) wrote:
> Hi there,
>
> After net-firewall/iptables-1.4.16.3 (amd64) installed, I occasionally
> found that it put iptables-xml ('s symbolic link) in /usr/bin/, but
> other tools (like iptables-restore and iptables-save) are not. Is
> there any trick about this?
>
The others are in /sbin because,
a) They can't be run by anyone other than root
b) You want them available at boot time
But as a normal user, suppose I have an old iptables-save dump lying
around. There's no problem with me running iptables-xml on it, since
that will just read a file and write some XML to stdout. No special
privileges necessary.
