Note that /etc/mtree/special.local can override entries in

/etc/mtree/special not just add new entries.
Explain that check_mtree_follow_symlinks will give reports of links not
being links (notably /etc/localtime)

share/man/man5/security.conf.5

@@ -1,4 +1,4 @@
-.\"	$NetBSD: security.conf.5,v 1.31 2006/05/29 22:07:25 wiz Exp $
+.\"	$NetBSD: security.conf.5,v 1.32 2008/04/08 14:51:02 sborrill Exp $
 .\"
 .\" Copyright (c) 1996 Matthew R. Green
 .\" All rights reserved.
@@ -97,7 +97,7 @@ The following configuration files are checked:
 .It Pa /etc/mtree/special
 Default files to check.
 .It Pa /etc/mtree/special.local
-Local site additions.
+Local site additions and overrides.
 .It Pa /etc/mtree/DIR.secure
 Specification for the directory
 .Pa DIR .
@@ -194,6 +194,13 @@ will ignore paths that are not under
 During the
 .Sy check_mtree
 phase, instruct mtree to follow symbolic links.
+Please note, this may cause the
+.Sy check_mtree
+phase to report errors for entries for these symbolic links (i.e. of
+type=link in the mtree specification) as they will always appear to be plain
+files for the purposes of the check. 
+.Pa /etc/mtree/special.local
+may be used to override the checks for the affected links.
 .It Sy check_passwd_nowarn_shells
 If
 .Sy check_passwd