Re: ifupdown writes to /etc... a bug?
On Wed, 26 Mar 2003 19:37, Goswin Brederlow wrote:
> > sendmail daemon
> > sendmail -t run by the user for some mail servers
> > Various daemon start scripts.
> > ntpd
> > hotplug
> > samba
>
> Why would they ever need to write to /etc? They can and should all use
> /var for machine writeable files.
Samba has it's smbpasswd file that is written by network password changes, and
a few other writable files.
I don't know why the others need such access. I just looked at the SE Linux
policy tree to see which programs were permitted to write to files under
/etc, apparently the programs would not work properly without the access
being granted.
Please let me know when you've fixed sendmail, hotplug, ntpd, and samba, then
I'll update my SE Linux policy accordingly and give you a list of other
programs with write access.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: