Philipp Marek wrote:
On Monday 16 June 2008 Philipp Marek wrote:
...
Should it just be "ignore-all-non-world-readable" or more something
like "ignore unless this permission bits are set"?
I now remembered why I didn't take this course:
# find . -ls | grep " .......[^r]--" | wc -l
357
This would (in my default-debian case) mean:
- no asterisk
- no squid
- no logcheck
- no sudoers
- no at.deny
- no selinux
- no ppp configurations
- no fuse
- no Xwrapper
And in my case I would like to version all of them *encrypted*.
And that's a *big* chunk of my config-space.
Of course; if it's an ignore pattern, if can simply be overridden by "fsvs
add" - but that won't be done automatically by the installation (or will it?
For which files?) - and if it's done manually the admin can "easily" specify
commit-pipes, too.
[ Please note that the same problem would exist with my "commit as nobody",
which is more-or-less the same thing. ]
But I think it's a nice, easy 90%/10% way - and not *that* much effort, so it
wouldn't take much to persuade me to code that :-)
I myself am not interested in the ignore functionality at all - space is
cheap, and any change of /etc is crucial. However since the same mechanism can
be used to force encryption on everything that is not world-readable - well
you have my persuasion :)
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
