NetBSD Problem Report #6548
Received: (qmail 18459 invoked from network); 8 Dec 1998 17:27:44 -0000
Message-Id: <199812081727.LAA00317@nimh.warthog.com>
Date: Tue, 8 Dec 1998 11:27:38 -0600 (CST)
From: Rob Windsor <windsor@warthog.com>
Reply-To: windsor@warthog.com
To: gnats-bugs@gnats.netbsd.org
Subject: Remove need for /etc/changelist
X-Send-Pr-Version: 3.95
>Number: 6548
>Category: security
>Synopsis: /etc/changelist functionality can be integrated in mtree
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: security-officer
>State: closed
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Tue Dec 08 09:35:00 +0000 1998
>Closed-Date: Fri Oct 12 05:22:46 +0000 2001
>Last-Modified: Fri Oct 12 05:22:46 +0000 2001
>Originator: Rob Windsor
>Release: 1.3.2
>Organization:
NosePickers Anonymous
>Environment:
System: NetBSD nimh 1.3.2 NetBSD 1.3.2 (NIMH) #4: Thu Jun 4 11:28:24 CDT 1998 windsor@nimh:/usr/src/sys/arch/i386/compile/NIMH i386
>Description:
/etc/changelist is a duplicated effort of /etc/mtree/special. It
doesn't have to be, with a little work.
>How-To-Repeat:
blah
>Fix:
I see three ways of doing this:
1. Write a monster awk script that grovels through
   /etc/mtree/special and pulls out those files that are flagged
   with an additional flag at the end of the line. Requires
   that mtree(1) be tweaked to allow midline comments for entries
   other than `..' or an additional keyword (such as "diffchk")
   that it recognizes but ignores. (ugly)
2. Tweak mtree(1) to spit out a list of files that have a
   particular keyword (such as "diffchk") in a format that the
   for loop in /etc/security can use to run diff against.
3. Tweak mtree(1) to have another keyword and it will have the
   functionality of the tail of /etc/security (the for loop).
   This would also encourage mtree's cksum feature to be
   enhanced to provide more of a tripwire-ish function.
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: gnats-admin->security-officer
Responsible-Changed-By: fair
Responsible-Changed-When: Thu Jan 14 01:04:23 PST 1999
Responsible-Changed-Why:
This PR is the responsibility of the NetBSD Security Officer,
not the GNATS database administrator.
State-Changed-From-To: open->feedback
State-Changed-By: fair
State-Changed-When: Mon Mar 15 23:49:02 PST 1999
State-Changed-Why:
I'm not clear on why making this change would be a win.
Can you elaborate? Or provide code for your preferred solution for
evaluation?
State-Changed-From-To: feedback->closed
State-Changed-By: fair
State-Changed-When: Tue May 18 01:53:28 PDT 1999
State-Changed-Why:
Closed for lack of feedback.
State-Changed-From-To: closed->open
State-Changed-By: windsor
State-Changed-When: Mon Nov 22 19:19:30 PST 1999
State-Changed-Why:
Imagine trying to track (securely) a new file in /etc,
let's say... /etc/mk.conf. That can be a hassle.
First, we have to edit /etc/mtree/special.
Second, we have to edit /etc/changelist.
This is silly. mtree should be able to kick out a file for changelist to
use.
State-Changed-From-To: open->feedback
State-Changed-By: fair
State-Changed-When: Wed Jan 26 14:39:01 PST 2000
State-Changed-Why:
I await the submission of code to implement the change you suggest.
From: Rob Windsor <windsor@warthog.com>
To: fair@netbsd.org
Cc: security-officer@netbsd.org, gnats@netbsd.org
Subject: Re: security/6548
Date: Wed, 26 Jan 2000 15:15:50 -0800
Verily did fair@netbsd.org write:
> Synopsis: /etc/changelist functionality can be integrated in mtree
> State-Changed-From-To: open->feedback
> State-Changed-By: fair
> State-Changed-When: Wed Jan 26 14:39:01 PST 2000
> State-Changed-Why: I await the submission of code to implement the change you suggest.
Please change the state back to `open' (or something besides `closed' or
`feedback').
I filed a PR without code submission because I'm not a programmer type.
-- Rob
----------------------------------------
Internet: windsor@warthog.com __o
Life: Rob@Carrollton.Texas.USA.Earth _`\<,_
(_)/ (_)
The weather is here, wish you were beautiful.
State-Changed-From-To: feedback->open
State-Changed-By: windsor
State-Changed-When: Tue May 9 12:11:35 PDT 2000
State-Changed-Why:
submitter can't code his way out of a wet paper sack.
State-Changed-From-To: open->closed
State-Changed-By: lukem
State-Changed-When: Thu Oct 11 22:22:24 PDT 2001
State-Changed-Why:
I've added this functionality to -current.
Enjoy!
>Unformatted:
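Option 1 from the Fix section, as an added example that is not part of the original report or of NetBSD's code: an awk filter pulls the entries marked with the hypothetical "diffchk" keyword out of an mtree spec, and a loop in the style of the tail of /etc/security reports which of those files changed since the last run. The function names, the backup layout and the sample spec are assumptions made for this example.

```shell
# "diffchk" is the hypothetical keyword from the report; all names are assumed.
# Print the path of every entry in mtree spec $1 that carries keyword $2.
# Handles nested ("etc type=dir" ... "..") and full-path ("./etc/passwd") entries.
diffchk_list() {
    awk -v tag="$2" '
    /^[ \t]*(#|$)/ { next }                      # comment or blank line
    $1 ~ /^\//     { next }                      # /set and /unset
    $1 == ".."     { sub(/\/[^\/]*$/, "", cwd); next }   # leave directory
    {
        path = ($1 ~ /\// || cwd == "") ? $1 : cwd "/" $1
        isdir = hit = 0
        for (i = 2; i <= NF && $i !~ /^#/; i++) {        # stop at a comment
            if ($i == "type=dir") isdir = 1
            if ($i == tag) hit = 1
        }
        if (isdir && $1 !~ /\//) cwd = path      # relative dir: descend
        if (hit) { sub(/^\.\//, "/", path); print path }
    }' "$1"
}

# Read paths on stdin; print each one whose file under root $1 differs from
# the copy saved in $2, then refresh that copy for the next run.
report_changes() {
    while read -r f; do
        cur="$1$f"; bak="$2/$(echo "$f" | tr / _)"
        [ -f "$cur" ] || continue
        if [ -f "$bak" ] && ! cmp -s "$cur" "$bak"; then echo "$f"; fi
        cp -p "$cur" "$bak"
    done
}

# Constructed demo in a throwaway directory; the real /etc is never touched.
demo() {
    t=$(mktemp -d) && mkdir -p "$t/root/etc" "$t/bak"
    printf 'a\n' > "$t/root/etc/mk.conf"; printf 'b\n' > "$t/root/etc/motd"
    cat > "$t/special" <<'EOF'
/set uname=root gname=wheel
.               type=dir mode=0755
etc             type=dir mode=0755
mk.conf         type=file mode=0644 diffchk
motd            type=file mode=0644   # not tracked
..
./etc/passwd    type=file mode=0644 diffchk
EOF
    diffchk_list "$t/special" diffchk | report_changes "$t/root" "$t/bak"  # baseline
    printf 'X=1\n' >> "$t/root/etc/mk.conf"
    diffchk_list "$t/special" diffchk | report_changes "$t/root" "$t/bak"  # prints /etc/mk.conf
    rm -rf "$t"
}
demo
```

With this layout a new file such as /etc/mk.conf is tracked by editing the spec alone, which is the single point of maintenance the report asks for.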