Re: [expert] perm.local being ignored by msec?
On June 13, 2002 05:36, David Guntner wrote: > Ok, I've read the information at > > http://www.mandrakesecure.net/en/docs/msec.php > > and saw the information regarding /etc/security/msec/perm.local. I've > created one, and put: > > /home/* current 755 > > in it. Then I ran msec (I'm currently at level 3, BTW). When I look in my > syslog, it shows that it's reading parameters from perm.3, but no mention > of perm.local - also, /home/* directories are still set as mode 711. What > am I missing here to get msec to actually follow the instructions in > perm.local? > > --Dave I'm not positive, but I believe in order to change the permissions on a home directory you have to change the default umask. Try adding the following to the /etc/security/msec/level.local file: from mseclib import * set_user_umask(022) -- Tim C [EMAIL PROTECTED] Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] perm.local being ignored by msec?
David Guntner wrote: > > Ok, I've read the information at > > http://www.mandrakesecure.net/en/docs/msec.php > > and saw the information regarding /etc/security/msec/perm.local. I've > created one, and put: > > /home/* current 755 > > in it. Then I ran msec (I'm currently at level 3, BTW). When I look in my > syslog, it shows that it's reading parameters from perm.3, but no mention > of perm.local - also, /home/* directories are still set as mode 711. What > am I missing here to get msec to actually follow the instructions in > perm.local? > Dave, what is the "current" entry for in your perm.local? Do you want every subdirectory of "/home" to have 755 perms? Not sure about that wild card but you might try: /home/* some_owner.some_group 755 or give path for all directories: /home/directory1/ some_owner.some_group 755 /home/directory2/ some_owner.some_group 755 /home/directory3/ some_owner.some_group 755 etc, etc, Example from my perm.local: /home/cdburn/ root.cwoods 777 /home/exports/root.cwoods 777 Hey! It works. Cheers, drjung -- J. Craig Woods UNIX/NT Network/System Administration http://www.trismegistus.net/resume.html Character is built upon the debris of despair --Emerson Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] perm.local being ignored by msec?
Ok, I've read the information at http://www.mandrakesecure.net/en/docs/msec.php and saw the information regarding /etc/security/msec/perm.local. I've created one, and put: /home/* current 755 in it. Then I ran msec (I'm currently at level 3, BTW). When I look in my syslog, it shows that it's reading parameters from perm.3, but no mention of perm.local - also, /home/* directories are still set as mode 711. What am I missing here to get msec to actually follow the instructions in perm.local? --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com