[expert] MSEC is undoing my changes
I could use some help with msec. I found in the documentation how you can use the /etc/security/msec/perm.local file to allow for modifying permissions of a file. My problem is with modifying a file. I've got a firewall running at security level 3. I want to modify some files like /etc/syslogd.conf and /etc/issue{.net}; However, msec keeps undoing my changes. Any help would be greately appreciated. Thanks, Cory Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] MSEC is undoing my changes
On Sun, 2002-11-03 at 06:11, . wrote: I could use some help with msec. I found in the documentation how you can use the /etc/security/msec/perm.local file to allow for modifying permissions of a file. My problem is with modifying a file. I've got a firewall running at security level 3. I want to modify some files like /etc/syslogd.conf and /etc/issue{.net}; However, msec keeps undoing my changes. Any help would be greately appreciated. Thanks, Cory edit /usr/share/msec/perm.3 and make the changes you want. -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] MSEC is undoing my changes
On Sunday 03 November 2002 11:54 am, Jack Coates wrote: On Sun, 2002-11-03 at 06:11, . wrote: I could use some help with msec. I found in the documentation how you can use the /etc/security/msec/perm.local file to allow for modifying permissions of a file. My problem is with modifying a file. I've got a firewall running at security level 3. I want to modify some files like /etc/syslogd.conf and /etc/issue{.net}; However, msec keeps undoing my changes. Any help would be greately appreciated. Thanks, Cory edit /usr/share/msec/perm.3 and make the changes you want. Or make your own rules in the Mandrake Control Center, which are supposed to overide the defaults for each level. I think it is Security -- Security Permissions applet. Choose editable from the drop down, and enter your rules. -- /g ___ [EMAIL PROTECTED] Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] MSEC is undoing my changes
Gregory K. Meyer wrote: On Sunday 03 November 2002 11:54 am, Jack Coates wrote: On Sun, 2002-11-03 at 06:11, . wrote: I could use some help with msec. I found in the documentation how you can use the /etc/security/msec/perm.local file to allow for modifying permissions of a file. My problem is with modifying a file. I've got a firewall running at security level 3. I want to modify some files like /etc/syslogd.conf and /etc/issue{.net}; However, msec keeps "undoing" my changes. Any help would be greately appreciated. Thanks, Cory edit /usr/share/msec/perm.3 and make the changes you want. Or make your own rules in the Mandrake Control Center, which are supposed to overide the defaults for each level. I think it is Security -- Security Permissions applet. Choose editable from the drop down, and enter your rules. Right, and that makes a /etc/security/perm.local file, right? This is a firewall, so it has no gui, but I created that file manually. I put the /etc/syslog.conf file in the perm.local file with it's original owner, group, and permissions. I didn't want to change any of that, I just wanted msec to quit overlaying my changes within the file. If I modify the entry in perm.local to change ownership or permissions, will that get msec to leave it alone? Otherwise, I don't see how the perm.local file helps me in this situation. Thanks, Cory Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] MSEC is undoing my changes
Never mind ... I have it working on one of my machines, so now I just have to figure out what I did so it will work on the other one. I'll post the answer when I have it, in case anyone else has the same problems. BTW ... here's the changes I made to /etc/init.d/sendmail. Running "sendmail -L sm-msp-que -Ac" for the client ueue puts .pid file in /var/spool/clientmqueue instead of /var/run. The original script touched a /var/run/sm-client.pid and chowned it to smmsp (why not mail?), but since it didn't contain the PID #, the stop script failed. I commented out those two lines and added a mv and chmod line of my own, after the daemon function call. Here: if ! test -f /var/run/sm-client.pid ; then gprintf "Starting sm-client: " # touch /var/run/sm-client.pid # -- HERE # chown smmsp:smmsp /var/run/sm-client.pid # -- HERE daemon --check sm-client /usr/sbin/sendmail -L sm-msp-queue -Ac \ $([ -n "$QUEUE" ] echo -q$QUEUE) RETVAL=$? sleep 5 mv /var/spool/clientmqueue/sm-client.pid /var/run # -- HERE chown mail:mail /var/run/sm-client.pid # -- HERE echo I think it still has a problem on systems running the client only daemon (DAEMON=no in /etc/sysconfig/sendmail), so I still have to work on that. Oh, and I made another change. The /etc/init.d/sendmail script wasn't checking the DAEMON variable, so it was starting the listening process no matter what. So I added a "[ $DAEMON = "yes" ] " in a couple of spots: [ $DAEMON = "yes" ] gprintf "Starting %s: " "$prog" /usr/bin/newaliases /dev/null 21 if test -x /usr/bin/make -a -f /etc/mail/Makefile ; then make -C /etc/mail -s else for i in virtusertable access domaintable mailertable ; do if [ -f /etc/mail/$i ] ; then makemap hash /etc/mail/$i /etc/mail/$i fi done fi [ $DAEMON = "yes" ] daemon /usr/sbin/sendmail -bd \ $([ -n "$QUEUE" ] echo -q$QUEUE) That's it. Cory wrote: I could use some help with msec. I found in the documentation how you can use the /etc/security/msec/perm.local file to allow for modifying permissions of a file. My problem is with modifying a file. I've got a firewall running at security level 3. I want to modify some files like /etc/syslogd.conf and /etc/issue{.net}; However, msec keeps "undoing" my changes. Any help would be greately appreciated. Thanks, Cory Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] MSEC is undoing my changes
On Sun, 2002-11-03 at 09:52, Gregory K. Meyer wrote: On Sunday 03 November 2002 11:54 am, Jack Coates wrote: On Sun, 2002-11-03 at 06:11, . wrote: I could use some help with msec. I found in the documentation how you can use the /etc/security/msec/perm.local file to allow for modifying permissions of a file. My problem is with modifying a file. I've got a firewall running at security level 3. I want to modify some files like /etc/syslogd.conf and /etc/issue{.net}; However, msec keeps undoing my changes. Any help would be greately appreciated. Thanks, Cory edit /usr/share/msec/perm.3 and make the changes you want. Or make your own rules in the Mandrake Control Center, which are supposed to overide the defaults for each level. I think it is Security -- Security Permissions applet. Choose editable from the drop down, and enter your rules. -- /g ___ Is that working now? perm.local files never worked for me in 8.2, haven't tried on 9.0. -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] MSEC is undoing my changes
On Sunday 03 November 2002 01:54 pm, . wrote: Right, and that makes a /etc/security/perm.local file, right? This /etc/security/msec/local is a firewall, so it has no gui, but I created that file manually. I put the /etc/syslog.conf file in the perm.local file with it's original owner, group, and permissions. I didn't want to change any of that, I just wanted msec to quit overlaying my changes within the file. If I modify the entry in perm.local to change ownership or permissions, will that get msec to leave it alone? Otherwise, I don't see how the perm.local file helps me in this situation. perm.local is supposed to override any setting in perm.whatever. -- /g ___ [EMAIL PROTECTED] Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com