NetBSD Problem Report #6548

Received: (qmail 18459 invoked from network); 8 Dec 1998 17:27:44 -0000
Message-Id: <199812081727.LAA00317@nimh.warthog.com>
Date: Tue, 8 Dec 1998 11:27:38 -0600 (CST)
From: Rob Windsor <windsor@warthog.com>
Reply-To: windsor@warthog.com
To: gnats-bugs@gnats.netbsd.org
Subject: Remove need for /etc/changelist
X-Send-Pr-Version: 3.95

>Number:         6548
>Category:       security
>Synopsis:       /etc/changelist functionality can be integrated in mtree
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    security-officer
>State:          closed
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Tue Dec 08 09:35:00 +0000 1998
>Closed-Date:    Fri Oct 12 05:22:46 +0000 2001
>Last-Modified:  Fri Oct 12 05:22:46 +0000 2001
>Originator:     Rob Windsor
>Release:        1.3.2
>Organization:
NosePickers Anonymous
>Environment:
System: NetBSD nimh 1.3.2 NetBSD 1.3.2 (NIMH) #4: Thu Jun 4 11:28:24 CDT 1998 windsor@nimh:/usr/src/sys/arch/i386/compile/NIMH i386


>Description:
	/etc/changelist is a duplicated effort of /etc/mtree/special, It
	doesn't have to be with a little work.
>How-To-Repeat:
	blah
>Fix:
	I see three ways of doing this:

	    1.  Write a monster awk script that grovels through
		/etc/mtree/special and pulls out those files that are flagged
		with an additional flag at the end of the line.  Requires
		that mtree(1) be tweaked to allow midline comments for entries
		other than `..' or an additional keyword (such as "diffchk")
		that it recognizes but ignores.  (ugly)

	    2.  Tweak mtree(1) to spit out a list of files that have a
		particular keyword (such as "diffchk") in a format that the
		for loop in /etc/security can use to run diff against

	    3.  Tweak mtree(1) to have another keyword and it will have the
		functionality of the tail of /etc/security (the for loop).
		This would also encourage mtree's cksum feature to be
		enhanced to provide more of a tripwire-ish function.

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: gnats-admin->security-officer 
Responsible-Changed-By: fair 
Responsible-Changed-When: Thu Jan 14 01:04:23 PST 1999 
Responsible-Changed-Why:  
This PR is the responsibility of the NetBSD Security Officer, 
not the GNATS database administrator. 
State-Changed-From-To: open->feedback 
State-Changed-By: fair 
State-Changed-When: Mon Mar 15 23:49:02 PST 1999 
State-Changed-Why:  
I'm not clear on why making this change would be a win. 

Can you elaborate? Or provide code for your preferred solution for 
evaluation? 
State-Changed-From-To: feedback->closed 
State-Changed-By: fair 
State-Changed-When: Tue May 18 01:53:28 PDT 1999 
State-Changed-Why:  
Closed for lack of feedback. 
State-Changed-From-To: closed->open 
State-Changed-By: windsor 
State-Changed-When: Mon Nov 22 19:19:30 PST 1999 
State-Changed-Why:  
Imagine trying to track (securely) a new file in /etc 
let's say... /etc/mk.conf, that can be a hassle. 
First, we have to edit /etc/mtree/special 
second, we have to edit /etc/changelist 
This is silly.  mtree should be able to kick out a file for changelist to 
use. 
State-Changed-From-To: open->feedback 
State-Changed-By: fair 
State-Changed-When: Wed Jan 26 14:39:01 PST 2000 
State-Changed-Why:  
I await the submission of code to implement the change you suggest. 

From: Rob Windsor <windsor@warthog.com>
To: fair@netbsd.org
Cc: security-officer@netbsd.org, gnats@netbsd.org
Subject: Re: security/6548 
Date: Wed, 26 Jan 2000 15:15:50 -0800

 Verily did fair@netbsd.org write:

 > Synopsis: /etc/changelist functionality can be integrated in mtree

 > State-Changed-From-To: open->feedback
 > State-Changed-By: fair
 > State-Changed-When: Wed Jan 26 14:39:01 PST 2000
 > State-Changed-Why: I await the submission of code to implement the change you suggest.

 Please change the state back to `open' (or something besides `closed' or 
 `feedback').

 I filed a PR without code submission because I'm not a programmer type.

 -- Rob
 ----------------------------------------
 Internet: windsor@warthog.com                             __o
 Life: Rob@Carrollton.Texas.USA.Earth                    _`\<,_
                                                        (_)/ (_)
 The weather is here, wish you were beautiful.

State-Changed-From-To: feedback->open 
State-Changed-By: windsor 
State-Changed-When: Tue May 9 12:11:35 PDT 2000 
State-Changed-Why:  
submitter can't code his way out of a wet paper sack. 
State-Changed-From-To: open->closed 
State-Changed-By: lukem 
State-Changed-When: Thu Oct 11 22:22:24 PDT 2001 
State-Changed-Why:  
I've added this functionality to -current. 
Enjoy! 
>Unformatted:
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.