Author: robert
Date: 2011-08-21 00:49:56 -0600 (Sun, 21 Aug 2011)
New Revision: 1668
Modified:
trunk/BOOK/chapter01/changelog.xml
trunk/BOOK/chapter06/shadow.xml
trunk/BOOK/chapter06/util-linux-ng.xml
trunk/BOOK/general.ent
Log:
Be verbose (-v) with setcap.
Modified: trunk/BOOK/chapter01/changelog.xml
===================================================================
--- trunk/BOOK/chapter01/changelog.xml 2011-08-20 04:32:09 UTC (rev 1667)
+++ trunk/BOOK/chapter01/changelog.xml 2011-08-21 06:49:56 UTC (rev 1668)
@@ -38,6 +38,15 @@
-->
<listitem>
+ <para>2011-08-21</para>
+ <itemizedlist>
+ <listitem>
+ <para>[robert] - Be verbose (-v) with setcap.</para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+
+ <listitem>
<para>2011-08-20</para>
<itemizedlist>
<listitem>
Modified: trunk/BOOK/chapter06/shadow.xml
===================================================================
--- trunk/BOOK/chapter06/shadow.xml 2011-08-20 04:32:09 UTC (rev 1667)
+++ trunk/BOOK/chapter06/shadow.xml 2011-08-21 06:49:56 UTC (rev 1668)
@@ -106,21 +106,21 @@
<para>Use Linux Capabilities instead of suid:</para>
<screen><userinput remap="install">chmod -v -s /usr/bin/chage
-setcap CAP_DAC_READ_SEARCH=ep /usr/bin/chage
+setcap -v CAP_DAC_READ_SEARCH=ep /usr/bin/chage
chmod -v -s /usr/bin/chsh
-setcap CAP_CHOWN,CAP_SETUID=ep /usr/bin/chsh
+setcap -v CAP_CHOWN,CAP_SETUID=ep /usr/bin/chsh
chmod -v -s /usr/bin/newgrp
-setcap CAP_DAC_READ_SEARCH,CAP_SETGID=ep /usr/bin/newgrp
+setcap -v CAP_DAC_READ_SEARCH,CAP_SETGID=ep /usr/bin/newgrp
chmod -v -s /usr/bin/chfn
-setcap CAP_CHOWN,CAP_DAC_READ_SEARCH,CAP_SETUID=ep /usr/bin/chfn
+setcap -v CAP_CHOWN,CAP_DAC_READ_SEARCH,CAP_SETUID=ep /usr/bin/chfn
chmod -v -s /usr/bin/gpasswd
-setcap CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_SETUID=ep /usr/bin/gpasswd
+setcap -v CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_SETUID=ep /usr/bin/gpasswd
chmod -v -s /usr/bin/expiry
-setcap CAP_DAC_READ_SEARCH=ep /usr/bin/expiry
+setcap -v CAP_DAC_READ_SEARCH=ep /usr/bin/expiry
chmod -v -s /bin/su
-setcap CAP_DAC_READ_SEARCH,CAP_SETUID,CAP_SETGID=ep /bin/su
+setcap -v CAP_DAC_READ_SEARCH,CAP_SETUID,CAP_SETGID=ep /bin/su
chmod -v -s /bin/passwd
-setcap CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_SETUID=ep
/bin/passwd</userinput></screen>
+setcap -v CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_SETUID=ep
/bin/passwd</userinput></screen>
<!-- <para>Move Shadow's libraries to more appropriate locations:</para>
Modified: trunk/BOOK/chapter06/util-linux-ng.xml
===================================================================
--- trunk/BOOK/chapter06/util-linux-ng.xml 2011-08-20 04:32:09 UTC (rev
1667)
+++ trunk/BOOK/chapter06/util-linux-ng.xml 2011-08-21 06:49:56 UTC (rev
1668)
@@ -99,9 +99,9 @@
<para>Use Linux Capabilities instead of suid (FIXME: wall and write are
suid too):</para>
<screen><userinput remap="install">chmod -v -s /bin/mount
-setcap CAP_SYS_ADMIN=ep /bin/mount
+setcap -v CAP_SYS_ADMIN=ep /bin/mount
chmod -v -s /bin/umount
-setcap CAP_SYS_ADMIN=ep /bin/umount
+setcap -v CAP_SYS_ADMIN=ep /bin/umount
</userinput></screen>
</sect2>
Modified: trunk/BOOK/general.ent
===================================================================
--- trunk/BOOK/general.ent 2011-08-20 04:32:09 UTC (rev 1667)
+++ trunk/BOOK/general.ent 2011-08-21 06:49:56 UTC (rev 1668)
@@ -1,5 +1,5 @@
-<!ENTITY version "SVN-20110820">
-<!ENTITY releasedate "August 20, 2011">
+<!ENTITY version "SVN-20110821">
+<!ENTITY releasedate "August 21, 2011">
<!ENTITY copyrightdate "1999-2011"><!-- jhalfs needs a literal dash, not
– -->
<!ENTITY milestone "1.0">
<!ENTITY generic-version "development"> <!-- Use "development", "testing", or
"x.y[-pre{x}]" -->
--
http://linuxfromscratch.org/mailman/listinfo/hlfs-book
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
