On 10/22/2013 10:02 AM, Linlin Yan (颜林林) wrote: > Hi there, > > After net-firewall/iptables-1.4.16.3 (amd64) installed, I occasionally > found that it put iptables-xml ('s symbolic link) in /usr/bin/, but > other tools (like iptables-restore and iptables-save) are not. Is > there any trick about this? >
The others are in /sbin because, a) They can't be run by anyone other than root b) You want them available at boot time But as a normal user, suppose I have an old iptables-save dump lying around. There's no problem with me running iptables-xml on it, since that will just read a file and write some XML to stdout. No special privileges necessary.