On Sat, May 30, 2026 at 02:32:24PM -0500, Les Mikesell wrote: > On Sat, May 30, 2026 at 1:18 PM <[email protected]> wrote: > > > > Tomas: > > > > You are a genius. > > > > Adding "ReadWritePaths=/etc/backuppc" to > > /lib/systemd/system/apache2.service (and to > > /lib/systemd/system/[email protected] for good measure) and doing a > > systemctl daemon-reload (and restarting apache2 and backuppc for good > > measure also) solved the problem. > > > > Is there a way to report that to whoever maintains the package?
That's a tough one. Usually, you don't want your web server to write to /etc, so this kind of "hardening" makes sense, technically speaking. It's only as a BackupPC front-end that you need it. This is why I'm wary of too many of those hardenings: they suggest the OS does "security" for you, but at the end it's the sysadmins who know what they are doing. If you skip the sysadmin, you end up with that Windows nightmare. As one wise person (Bruce Schneier) said: "security is a process, not a product". Cheers -- t
signature.asc
Description: PGP signature
_______________________________________________ BackupPC-users mailing list [email protected] List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: https://github.com/backuppc/backuppc/wiki Project: https://backuppc.github.io/backuppc/
