On 6/01/2010, at 10:16 PM, Paul de Weerd wrote:
On Wed, Jan 06, 2010 at 09:23:52PM +1300, Paul M wrote:
| >You may want to read up on security(8), especially the part that
talks
| >about using mtree...
| >
| >Cheers,
| >
| >Paul 'WEiRD' de Weerd
|
| Have I missed something? Nobody's mentioned /etc/changelist.
| If the file isnt listed there, it wont be checked.
I guess you missed Peter's e-mail (he specifically mentioned adding
files to /etc/changelist).
However, changes to the apache included configuration files can be
detected without adding them to /etc/changelist by creating a .secure
file in /etc/mtree as documented in security(8). This also detects
files added to the include directory (which /etc/changelist doesn't
allow for).
Read the manpage, it's in there.
Paul 'WEiRD' de Weerd
You're right.
I saw Peter's mail, but I somehow missed that last part.
It's just as I thought - I'm stupid.
paulm
