Package: checksecurity Version: 2.0.7-6 Severity: important Tags: security patch sarge
I noticed it on my semi-woody: ----- s n i p ----- From: [EMAIL PROTECTED] (Cron Daemon) Subject: Cron <[EMAIL PROTECTED]> test -e /usr/sbin/anacron || run-parts --report /etc/cron.daily Date: 29 Jul 2005 04:31:27 -0000 [...] /etc/cron.daily/standard: find: /vicepb/V1075518779.vol: No such file or directory find: /vicepb/V1075518779.vol: No such file or directory find: /vicepb/V1075518779.vol: No such file or directory ----- s n i p ----- Just to make sure, I checked the Sarge version. Same problem SHOULD occur there to (can't test since I don't have a sarge AFS file server). But looking at the config file (and the fix): ----- s n i p ----- [EMAIL PROTECTED]:~# diff -u /etc/checksecurity.conf~ /etc/checksecurity.conf --- /etc/checksecurity.conf~ Mon Oct 1 22:38:59 2001 +++ /etc/checksecurity.conf Fri Jul 29 08:25:00 2005 @@ -58,7 +58,7 @@ # CS_DEVS='^/dev/fd' # -CS_DIRS='on /mnt' +CS_DIRS='on (/mnt|/vicep)' # CHECKSECURITY_FILTER="$CS_TYPES|$CS_OPTS|$CS_DEVS|$CS_DIRS" # ----- s n i p ----- I.e. the CS_DIRS looks the same in both woody and sarge... Another fix would be to set CS_DIRS='(on /mnt|/vicep)' to be _absolutly_ sure that vice directories isn't traversed, but "who would be stupid enough to have it on their root partition"? :) I can't put the severity to any higher than 'important' since not everyone would be affected. On _my_ site (40+ machines), only ONE is affected by this... Instead I'm using the 'Tags' option. But, on the other hand. I almost got an heart attach when i saw the mail! if _ANYTHING_ or _ANYONE_ (other than the AFS filesystem daemons) so much as LOOKS any files there, I risk loosing data! Well, maybe not that severe, but you get the idea :) On woody the problem is in the 'cron' package. You beside what to do with that information... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]