On 2013/12/03 09:12, Björn Ketelaars wrote:
> /etc/nsd.conf has been moved to /var/nsd/etc/nsd.conf. /etc/changelist has been
> changed accordingly, /etc/mtree/special has not. NSD's configuration file
> resides in a root:_nsd owned directory with permission set at 0750. As such
> there should be no need for inclusion of nsd.conf in the mtree specification for
> dangerous files.
>
> Included a small diff file.

Actually /var/nsd/ should be added here as the config may contain keys. Protecting the directory is safer than just nsd.conf as other config files may be included. OK? Index: special =================================================================== RCS file: /cvs/src/etc/mtree/special,v retrieving revision 1.99 diff -u -p -r1.99 special --- special 10 Jul 2013 05:23:18 -0000 1.99 +++ special 3 Dec 2013 09:06:48 -0000 @@ -72,7 +72,6 @@ npppd type=dir mode=0755 uname=root gna npppd.conf type=file mode=0640 uname=root gname=wheel npppd-users type=file mode=0600 uname=root gname=wheel .. #npppd -nsd.conf type=file mode=0640 uname=root gname=_nsd ntpd.conf type=file mode=0644 uname=root gname=wheel ospfd.conf type=file mode=0600 uname=root gname=wheel ospf6d.conf type=file mode=0600 uname=root gname=wheel @@ -191,6 +190,10 @@ lastlog type=file mode=0644 uname=root .. #var/log mail type=dir mode=0755 uname=root gname=wheel ignore .. #var/mail +nsd type=dir mode=0755 uname=root gname=wheel +etc type=dir mode=0750 uname=root gname=_nsd +.. #var/nsd/etc +.. #var/nsd run type=dir mode=0755 uname=root gname=wheel utmp type=file mode=0664 uname=root gname=utmp .. #var/run
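
Review bot: in the first hunk (@@ -72,7 +72,6 @@), dropping `nsd.conf type=file mode=0640 uname=root gname=_nsd` from the /etc block means a copy of nsd.conf left behind at the old path is no longer checked at all. If upgraded systems can still carry the old /etc/nsd.conf, which per the rationale above may hold keys, say in the commit message that the old file is expected to be gone, or keep the entry for a release so that a leftover file with loose permissions is still reported.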
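
Review bot: in the second hunk (@@ -191,6 +190,10 @@), `etc type=dir mode=0750 uname=root gname=_nsd` verifies only the directory, so the 0640 root:_nsd check on nsd.conf itself that the first hunk removes is not carried over to the new location. The directory mode keeps other users out, but listing `nsd.conf type=file mode=0640 uname=root gname=_nsd` under `etc` as well would keep the per-file check alongside the directory check. It is also worth confirming that `nsd type=dir mode=0755 uname=root gname=wheel` matches the owner and mode the directory is actually created with, since a mismatch would be reported on every system.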