On Wed, Jan 06, 2010 at 09:23:52PM +1300, Paul M wrote:
| >You may want to read up on security(8), especially the part that talks
| >about using mtree...
| >
| >Cheers,
| >
| >Paul 'WEiRD' de Weerd
|
| Have I missed something? Nobody's mentioned /etc/changelist.
| If the file isnt listed there, it wont be checked.
I guess you missed Peter's e-mail (he specifically mentioned adding
files to /etc/changelist).
However, changes to the apache included configuration files can be
detected without adding them to /etc/changelist by creating a .secure
file in /etc/mtree as documented in security(8). This also detects
files added to the include directory (which /etc/changelist doesn't
allow for).
Read the manpage, it's in there.
Paul 'WEiRD' de Weerd
--
>++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
http://www.weirdnet.nl/
[demime 1.01d removed an attachment of type application/pgp-signature]
