On Mon, Jul 6, 2015 at 2:24 PM, Tim van der Molen <[email protected]> wrote:
> Ping.
>
> Tim van der Molen (2015-05-17 11:42 +0200):
> > nsd.conf may contain keys, so store its checksum only. Also update the
> > path to unbound's root.key.
> >
> > Index: changelist
> > ===================================================================
> > RCS file: /cvs/src/etc/changelist,v
> > retrieving revision 1.103
> > diff -u -r1.103 changelist
> > --- changelist 2 Oct 2014 09:02:48 -0000 1.103
> > +++ changelist 17 May 2015 09:26:59 -0000
> > @@ -145,8 +145,8 @@
> > /var/cron/cron.allow
> > /var/cron/cron.deny
> > /var/cron/tabs/root
> > -/var/nsd/etc/nsd.conf
> > -/var/unbound/etc/root.key
> > ++/var/nsd/etc/nsd.conf
> > +/var/unbound/db/root.key
> > /var/unbound/etc/unbound.conf
> > /var/yp/Makefile.main
> > /var/yp/Makefile.yp
> >
>
>
The + is before the conf not the key
Index: changelist
===================================================================
RCS file: /cvs/src/etc/changelist,v
retrieving revision 1.103
diff -u -r1.103 changelist
--- changelist 2 Oct 2014 09:02:48 -0000 1.103
+++ changelist 17 May 2015 09:26:59 -0000
@@ -145,8 +145,8 @@
/var/cron/cron.allow
/var/cron/cron.deny
/var/cron/tabs/root
-/var/nsd/etc/nsd.conf
-/var/unbound/etc/root.key
+/var/nsd/etc/nsd.conf
++/var/unbound/db/root.key
/var/unbound/etc/unbound.conf
/var/yp/Makefile.main
/var/yp/Makefile.yp
btw, this changelist is awesome, why not let package or admin use it more ?
--- ./libexec/security.orig Mon Jul 6 21:41:06 2015
+++ ./libexec/security Mon Jul 6 21:57:19 2015
@@ -817,8 +817,20 @@
# List of files that get backed up and checked for any modifications. Each
# file is expected to have two backups, /var/backups/file.{current,backup}.
# Any changes cause the files to rotate.
+sub check_changelists {
+ check_changelist '/etc/changelist';
+ my $dirlist = '/etc/changelist.d';
+ opendir my $inclist, $dirlist;
+ while (readdir $inclist) {
+ check_changelist $dirlist.'/'.$_ if ( /^\w/ );
+ }
+ closedir $inclist;
+}
+
+
+
sub check_changelist {
- my $filename = '/etc/changelist';
+ my $filename = $_[0];
-s $filename or return;
nag !(open my $fh, '<', $filename), "open: $filename: $!" and
return;
@@ -917,7 +929,7 @@
"Output format is:\n\tfilename:\n\t\tcriteria (shouldbe, reallyis)";
check_mtree;
$check_title = "Backing up and comparing configuration files.";
-check_changelist;
+check_changelists;
$check_title = "Checking disklabels of mounted disks:";
check_disklabels;
check_pkglist;
--
---------------------------------------------------------------------------------------------------------------------
() ascii ribbon campaign - against html e-mail
/\
