Re: changelist: add /etc/login.conf.d/*
Hello, I take this is an ok by deraadt@ Regards, Raf On Thu, May 12, 2022 at 01:40:40PM BST, Theo de Raadt wrote: > Yep > > Raf Czlonka wrote: > > > On Thu, May 12, 2022 at 11:58:22AM BST, Stuart Henderson wrote: > > > changelist already has /etc/login.conf, but I think files in the .d > > > directory should be checked too, both so we have notification of changes > > > (as it can set environment variables this is a very powerful file), and > > > also so we keep old versions in /var/backup. > > > > The directory itself should probably also go into /etc/mtree/special. > > > > Regards, > > > > Raf > > > > Index: etc/mtree/special > > === > > RCS file: /cvs/src/etc/mtree/special,v > > retrieving revision 1.127 > > diff -u -p -r1.127 special > > --- etc/mtree/special 13 Sep 2020 10:03:46 - 1.127 > > +++ etc/mtree/special 12 May 2022 11:30:54 - > > @@ -46,6 +46,8 @@ isakmpd.policytype=file mode=0600 uname > > ldapd.conf type=file mode=0600 uname=root gname=wheel optional > > ldpd.conf type=file mode=0600 uname=root gname=wheel optional > > login.conf type=file mode=0644 uname=root gname=wheel > > +login.conf.d type=dir mode=0755 uname=root gname=wheel > > +.. #login.conf.d > > login_ldap.conftype=file mode=0640 uname=root gname=auth optional > > mail.rctype=file mode=0644 uname=root gname=wheel > > mailer.conftype=file mode=0644 uname=root gname=wheel > >
Re: changelist: add /etc/login.conf.d/*
On Thu, May 12, 2022 at 11:58:22AM BST, Stuart Henderson wrote: > changelist already has /etc/login.conf, but I think files in the .d > directory should be checked too, both so we have notification of changes > (as it can set environment variables this is a very powerful file), and > also so we keep old versions in /var/backup. The directory itself should probably also go into /etc/mtree/special. Regards, Raf Index: etc/mtree/special === RCS file: /cvs/src/etc/mtree/special,v retrieving revision 1.127 diff -u -p -r1.127 special --- etc/mtree/special 13 Sep 2020 10:03:46 - 1.127 +++ etc/mtree/special 12 May 2022 11:30:54 - @@ -46,6 +46,8 @@ isakmpd.policytype=file mode=0600 uname ldapd.conf type=file mode=0600 uname=root gname=wheel optional ldpd.conf type=file mode=0600 uname=root gname=wheel optional login.conf type=file mode=0644 uname=root gname=wheel +login.conf.d type=dir mode=0755 uname=root gname=wheel +.. #login.conf.d login_ldap.conftype=file mode=0640 uname=root gname=auth optional mail.rctype=file mode=0644 uname=root gname=wheel mailer.conftype=file mode=0644 uname=root gname=wheel
changelist: add /etc/login.conf.d/*
changelist already has /etc/login.conf, but I think files in the .d directory should be checked too, both so we have notification of changes (as it can set environment variables this is a very powerful file), and also so we keep old versions in /var/backup. ok? Index: changelist === RCS file: /cvs/src/etc/changelist,v retrieving revision 1.130 diff -u -p -r1.130 changelist --- changelist 11 Nov 2021 09:38:14 - 1.130 +++ changelist 12 May 2022 10:55:18 - @@ -62,6 +62,7 @@ /etc/ldpd.conf /etc/locate.rc /etc/login.conf +/etc/login.conf.d/* /etc/login_ldap.conf /etc/mail.rc /etc/mail/aliases