[expert] MSEC is undoing my changes
I could use some help with msec. I found in the documentation how
you can use the /etc/security/msec/perm.local file to allow for
modifying permissions of a file. My problem is with modifying a file.
I've got a firewall running at security level 3. I want to modify some
files like /etc/syslogd.conf and /etc/issue{.net}; However, msec keeps
undoing my changes.
Any help would be greately appreciated.
Thanks,
Cory
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Re: [expert] MSEC is undoing my changes
On Sun, 2002-11-03 at 06:11, . wrote:
I could use some help with msec. I found in the documentation how
you can use the /etc/security/msec/perm.local file to allow for
modifying permissions of a file. My problem is with modifying a file.
I've got a firewall running at security level 3. I want to modify some
files like /etc/syslogd.conf and /etc/issue{.net}; However, msec keeps
undoing my changes.
Any help would be greately appreciated.
Thanks,
Cory
edit /usr/share/msec/perm.3 and make the changes you want.
--
Jack Coates
Monkeynoodle: A Scientific Venture...
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Re: [expert] MSEC is undoing my changes
On Sunday 03 November 2002 11:54 am, Jack Coates wrote:
On Sun, 2002-11-03 at 06:11, . wrote:
I could use some help with msec. I found in the documentation how
you can use the /etc/security/msec/perm.local file to allow for
modifying permissions of a file. My problem is with modifying a file.
I've got a firewall running at security level 3. I want to modify some
files like /etc/syslogd.conf and /etc/issue{.net}; However, msec keeps
undoing my changes.
Any help would be greately appreciated.
Thanks,
Cory
edit /usr/share/msec/perm.3 and make the changes you want.
Or make your own rules in the Mandrake Control Center, which are supposed to
overide the defaults for each level. I think it is Security -- Security
Permissions applet. Choose editable from the drop down, and enter your
rules.
--
/g
___
[EMAIL PROTECTED]
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Re: [expert] MSEC is undoing my changes
Gregory K. Meyer wrote:
On Sunday 03 November 2002 11:54 am, Jack Coates wrote:
On Sun, 2002-11-03 at 06:11, . wrote:
I could use some help with msec. I found in the documentation how
you can use the /etc/security/msec/perm.local file to allow for
modifying permissions of a file. My problem is with modifying a file.
I've got a firewall running at security level 3. I want to modify some
files like /etc/syslogd.conf and /etc/issue{.net}; However, msec keeps
"undoing" my changes.
Any help would be greately appreciated.
Thanks,
Cory
edit /usr/share/msec/perm.3 and make the changes you want.
Or make your own rules in the Mandrake Control Center, which are supposed to
overide the defaults for each level. I think it is Security -- Security
Permissions applet. Choose editable from the drop down, and enter your
rules.
Right, and that makes a /etc/security/perm.local file, right? This is
a firewall, so it has no gui, but I created that file manually. I put the
/etc/syslog.conf file in the perm.local file with it's original owner, group,
and permissions. I didn't want to change any of that, I just wanted msec
to quit overlaying my changes within the file. If I modify the entry in
perm.local to change ownership or permissions, will that get msec to leave
it alone? Otherwise, I don't see how the perm.local file helps me in this
situation.
Thanks,
Cory
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Re: [expert] MSEC is undoing my changes
Never mind ... I have it working on one of my machines, so now I just
have to figure out what I did so it will work on the other one. I'll post
the answer when I have it, in case anyone else has the same problems.
BTW ... here's the changes I made to /etc/init.d/sendmail. Running "sendmail
-L sm-msp-que -Ac" for the client ueue puts .pid file in /var/spool/clientmqueue
instead of /var/run. The original script touched a /var/run/sm-client.pid
and chowned it to smmsp (why not mail?), but since it didn't contain the PID
#, the stop script failed. I commented out those two lines and added a mv
and chmod line of my own, after the daemon function call. Here:
if ! test -f /var/run/sm-client.pid ; then
gprintf "Starting sm-client: "
# touch /var/run/sm-client.pid # -- HERE
# chown smmsp:smmsp /var/run/sm-client.pid # -- HERE
daemon --check sm-client /usr/sbin/sendmail -L sm-msp-queue -Ac \
$([ -n "$QUEUE" ] echo -q$QUEUE)
RETVAL=$?
sleep 5
mv /var/spool/clientmqueue/sm-client.pid /var/run # -- HERE
chown mail:mail /var/run/sm-client.pid # -- HERE
echo
I think it still has a problem on systems running the client only daemon
(DAEMON=no in /etc/sysconfig/sendmail), so I still have to work on that. Oh,
and I made another change. The /etc/init.d/sendmail script wasn't checking
the DAEMON variable, so it was starting the listening process no matter what.
So I added a "[ $DAEMON = "yes" ] " in a couple of spots:
[ $DAEMON = "yes" ] gprintf "Starting %s: " "$prog"
/usr/bin/newaliases /dev/null 21
if test -x /usr/bin/make -a -f /etc/mail/Makefile ; then
make -C /etc/mail -s
else
for i in virtusertable access domaintable mailertable ; do
if [ -f /etc/mail/$i ] ; then
makemap hash /etc/mail/$i /etc/mail/$i
fi
done
fi
[ $DAEMON = "yes" ] daemon /usr/sbin/sendmail -bd \
$([ -n "$QUEUE" ] echo -q$QUEUE)
That's it.
Cory wrote:
I could
use some help with msec. I found in the documentation how you can use the
/etc/security/msec/perm.local file to allow for modifying permissions of
a file. My problem is with modifying a file. I've got a firewall running
at security level 3. I want to modify some files like /etc/syslogd.conf
and /etc/issue{.net}; However, msec keeps "undoing" my changes.
Any help would be greately appreciated.
Thanks,
Cory
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Re: [expert] MSEC is undoing my changes
On Sun, 2002-11-03 at 09:52, Gregory K. Meyer wrote:
On Sunday 03 November 2002 11:54 am, Jack Coates wrote:
On Sun, 2002-11-03 at 06:11, . wrote:
I could use some help with msec. I found in the documentation how
you can use the /etc/security/msec/perm.local file to allow for
modifying permissions of a file. My problem is with modifying a file.
I've got a firewall running at security level 3. I want to modify some
files like /etc/syslogd.conf and /etc/issue{.net}; However, msec keeps
undoing my changes.
Any help would be greately appreciated.
Thanks,
Cory
edit /usr/share/msec/perm.3 and make the changes you want.
Or make your own rules in the Mandrake Control Center, which are supposed to
overide the defaults for each level. I think it is Security -- Security
Permissions applet. Choose editable from the drop down, and enter your
rules.
--
/g
___
Is that working now? perm.local files never worked for me in 8.2,
haven't tried on 9.0.
--
Jack Coates
Monkeynoodle: A Scientific Venture...
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Re: [expert] MSEC is undoing my changes
On Sunday 03 November 2002 01:54 pm, . wrote: Right, and that makes a /etc/security/perm.local file, right? This /etc/security/msec/local is a firewall, so it has no gui, but I created that file manually. I put the /etc/syslog.conf file in the perm.local file with it's original owner, group, and permissions. I didn't want to change any of that, I just wanted msec to quit overlaying my changes within the file. If I modify the entry in perm.local to change ownership or permissions, will that get msec to leave it alone? Otherwise, I don't see how the perm.local file helps me in this situation. perm.local is supposed to override any setting in perm.whatever. -- /g ___ [EMAIL PROTECTED] Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
