Note that /etc/mtree/special.local can override entries in

/etc/mtree/special not just add new entries.
Explain that check_mtree_follow_symlinks will give reports of links not
being links (notably /etc/localtime)
This commit is contained in:
sborrill 2008-04-08 14:51:02 +00:00
parent 7088512994
commit 25ac1dd285

View File

@ -1,4 +1,4 @@
.\" $NetBSD: security.conf.5,v 1.31 2006/05/29 22:07:25 wiz Exp $
.\" $NetBSD: security.conf.5,v 1.32 2008/04/08 14:51:02 sborrill Exp $
.\"
.\" Copyright (c) 1996 Matthew R. Green
.\" All rights reserved.
@ -97,7 +97,7 @@ The following configuration files are checked:
.It Pa /etc/mtree/special
Default files to check.
.It Pa /etc/mtree/special.local
Local site additions.
Local site additions and overrides.
.It Pa /etc/mtree/DIR.secure
Specification for the directory
.Pa DIR .
@ -194,6 +194,13 @@ will ignore paths that are not under
During the
.Sy check_mtree
phase, instruct mtree to follow symbolic links.
Please note, this may cause the
.Sy check_mtree
phase to report errors for entries for these symbolic links (i.e. of
type=link in the mtree specification) as they will always appear to be plain
files for the purposes of the check.
.Pa /etc/mtree/special.local
may be used to override the checks for the affected links.
.It Sy check_passwd_nowarn_shells
If
.Sy check_passwd