On 2011/01/13 00:13, Claudio Jeker wrote: > On Wed, Jan 12, 2011 at 11:57:59PM +0100, Martin Pelikan wrote: > > Hello, > > this patch makes ospfd(8) and ospf6d(8) check its config file permissions > > even if run with a -n to test it. bgpd already behaves this way (changed > > 6 years ago by henning@) and it's quite handy to fix the permissions while > > doing tests, rather than at the first production boot time :-) > > Any comments? > > Appart from my desire to kill the permission checking? > I don't see why bgpd and ospfd needs this non-unix like behaviour, > other tools like pfctl do not care. We install the file with the correct > permissions so if somebody changes them it is his fault. But this is just > my opinion.
I don't like this check much. I usually work on a checked-out copy of my config files when I'm editing them so I often have to chmod before I bgpd -nvf bgpd.conf to check I haven't made a stupid typo before I commit and copy them out. It's inconsistent too: the control socket is group-writable for wheel, why should that be forbidden for the configuration file?
