Thanks, Vijay. Thatâs exactly what I couldnât find in the documentation. (Now that I know what to look for, I see the line in security(8)âs manpage that I overlooked.)
CCâing list to help the next person with this question⦠-Aadm From: Vijay Sankar [mailto:vsan...@foretell.ca] Sent: October 6, 2016 10:20 To: Adam Thompson <athom...@athompso.net> Subject: Re: security(8) question - how to skip a single file? Hi Adam, Not replying to list in case I did not understand the question. I have the following towards the end of /etc/changelist . . . /var/nsd/etc/nsd.conf # /var/unbound/etc/root.key /var/unbound/etc/unbound.conf /var/yp/Makefile.main /var/yp/Makefile.yp Is that what you are looking for? Vijay Quoting Adam Thompson <athom...@athompso.net <mailto:athom...@athompso.net> >: I have RTFMed and googled, but I still canââ¬â¢t figure out how to do one simple thing: make security(8) ignore a single file that changes on a daily basis, where that file is otherwise monitored due to /etc/mtree/4.4BSD.dist. The file in question is /var/unbound/db/root.key, which I have auto-updating. Yes, I understand why this file is important, but on this particular system, being lulled into complacency by a daily false-positive security(8) report is more of a danger than someone managing to hack the root DNS key. Suggestions or pointers or interpretation of the docs appreciated. Thanks, -Adam Vijay Sankar, M.Eng., P.Eng. ForeTell Technologies Limited vsan...@foretell.ca <https://server3.foretell.ca/post/imp/dynamic.php?page=mailbox>