Re: security(8) question - how to skip a single file?
Thanks, Vijay. Thatâs exactly what I couldnât find in the documentation. (Now that I know what to look for, I see the line in security(8)âs manpage that I overlooked.) CCâing list to help the next person with this question⦠-Aadm From: Vijay Sankar [mailto:vsan...@foretell.ca] Sent: October 6, 2016 10:20 To: Adam Thompson Subject: Re: security(8) question - how to skip a single file? Hi Adam, Not replying to list in case I did not understand the question. I have the following towards the end of /etc/changelist . . . /var/nsd/etc/nsd.conf # /var/unbound/etc/root.key /var/unbound/etc/unbound.conf /var/yp/Makefile.main /var/yp/Makefile.yp Is that what you are looking for? Vijay Quoting Adam Thompson mailto:athom...@athompso.net> >: I have RTFMed and googled, but I still canââ¬â¢t figure out how to do one simple thing: make security(8) ignore a single file that changes on a daily basis, where that file is otherwise monitored due to /etc/mtree/4.4BSD.dist. The file in question is /var/unbound/db/root.key, which I have auto-updating. Yes, I understand why this file is important, but on this particular system, being lulled into complacency by a daily false-positive security(8) report is more of a danger than someone managing to hack the root DNS key. Suggestions or pointers or interpretation of the docs appreciated. Thanks, -Adam Vijay Sankar, M.Eng., P.Eng. ForeTell Technologies Limited vsan...@foretell.ca <https://server3.foretell.ca/post/imp/dynamic.php?page=mailbox>
security(8) question - how to skip a single file?
I have RTFMed and googled, but I still canât figure out how to do one simple thing: make security(8) ignore a single file that changes on a daily basis, where that file is otherwise monitored due to /etc/mtree/4.4BSD.dist. The file in question is /var/unbound/db/root.key, which I have auto-updating. Yes, I understand why this file is important, but on this particular system, being lulled into complacency by a daily false-positive security(8) report is more of a danger than someone managing to hack the root DNS key. Suggestions or pointers or interpretation of the docs appreciated. Thanks, -Adam
Re: security(8) question - how to skip a single file?
On Thu, Oct 06, 2016 at 08:17:02AM -0500, Adam Thompson wrote: > I have RTFMed and googled, but I still can???t figure out how to do one simple > thing: make security(8) ignore a single file that changes on a daily basis, > where that file is otherwise monitored due to /etc/mtree/4.4BSD.dist. > > > > The file in question is /var/unbound/db/root.key, which I have auto-updating. > > > > Yes, I understand why this file is important, but on this particular system, > being lulled into complacency by a daily false-positive security(8) report is > more of a danger than someone managing to hack the root DNS key. > > > > Suggestions or pointers or interpretation of the docs appreciated. Edit /etc/changelist, see changelist(5). > > > Thanks, > > -Adam