On Thu, Mar 01, 2012 at 03:09:14PM -0500, Jeffrey Sheinberg wrote: > > Plain file /var/lib/shorewall/.restart had permission 700, changed it to > 740 > Plain file /var/lib/shorewall/nat had permission 600, changed it to 640 > Plain file /var/lib/shorewall/.start had permission 700, changed it to 740 > Plain file /var/lib/shorewall/proxyarp had permission 600, changed it to > 640 > Plain file /var/lib/shorewall6/proxyndp had permission 600, changed it to > 640 > Plain file /var/lib/shorewall6/.start had permission 700, changed i t to > 740 >
Those files are created or re-created each time that Shorewall runs. Perhaps you can achieve your objective by setting the permissions you want on the directory /var/lib/shorewall and /var/lib/shorewall6. Another possibility would be to adjust the umask of the shell or script from which you run Shorewall. One other possibility would be to submit a patch upstream that allows the admin to specify the desired permissions in Shorewall's configuration and then it can set its own umask appropriately. Regards, -Roberto P.S. My apologies for the delay in responding. I somehow overlooked that this bug had even been filed and only noticed it last night. -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com
signature.asc
Description: Digital signature