Re: ifupdown writes to /etc... a bug?
On Sat, 29 Mar 2003 19:09, Steve Langasek wrote:
> > Samba has it's smbpasswd file that is written by network password
> > changes, and a few other writable files.
> No, smbpasswd is the last file left that Samba writes to in /etc. If
> there's a consensus that it should be moved, now's a good time to do it:
> Samba 3.0 will include a new binary database format which, if all goes
> well, will replace smbpasswd as the default SAM backend, and this
> passdb.tdb file seems most suitable for moving to /var/lib.
Sounds like a good plan. Could you file the bug reports requesting that as
you appear to know the details?
> > I don't know why the others need such access. I just looked at the SE
> > Linux policy tree to see which programs were permitted to write to files
> > under /etc, apparently the programs would not work properly without the
> > access being granted.
> I think your policy is accounting for outdated versions of several
> packages. The current location for ntp.drift is /var/lib/ntp/ntp.drift,
> where it belongs.
The policy does account for old versions of programs. I can't force SE Linux
users to run the latest versions of everything.
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page