DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 30th April 2012
dbach dbach is offline
Port Guard
 
Join Date: Aug 2011
Posts: 23
Thanked 0 Times in 0 Posts
Default fresh install require file flags schg assigned to dir or files?

Hello All:

Would it be a good idea to assign schg to any files or direcotries after a fresh install of 5.0 to ensure they aren't mistakingly or intentionally altered? Also do most admins set up Tripwire on fresh installs?

Thanks,
Darryl
Reply With Quote
  #2   (View Single Post)  
Old 30th April 2012
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,687
Thanked 214 Times in 189 Posts
Default

As a matter of practice, I don't. I take scheduled backups, track changes to etc and var with devel/git, and pay attention to security (8) logs.

Consider the operational impact of repair to a file in the event of a problem. You'll have to stop all apps and drop to single user mode at the very least.
Reply With Quote
  #3   (View Single Post)  
Old 1st May 2012
dbach dbach is offline
Port Guard
 
Join Date: Aug 2011
Posts: 23
Thanked 0 Times in 0 Posts
Default Thanks jggimi

I've never heard of git, will have to review this and see how I can use it our environment. Thanks again for the excellent feedback.
Darryl
Reply With Quote
  #4   (View Single Post)  
Old 1st May 2012
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,687
Thanked 214 Times in 189 Posts
Default

Like CVS, used with OpenBSD source and the Project's web pages, git is a version control system. I chose it for /etc and /var because unlike CVS, it manages file modes and ownerships, which are needed. It is far more powerful, but I'm not using that power.

I first used git with Android kernel and userland. I found the http://gitimmersion.com/ tutorial very helpful.
Reply With Quote
  #5   (View Single Post)  
Old 1st May 2012
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 2,883
Thanked 190 Times in 160 Posts
Default

Quote:
Originally Posted by jggimi View Post
git is a version control system...
A couple of other useful git references are:The general homepage has a lot of goodies which are worth poking through. There are a number of books out on git, but personally, I find the Chacon book the best. It is more in-depth than most.
Reply With Quote
Reply

Tags
fresh install, opebbsd5.0, schg, tripwire

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Doing a fresh install - what to save? Bruco FreeBSD General 4 30th May 2009 01:49 PM
Can't Print (Fresh First Time install) BSD newb Xero FreeBSD Installation and Upgrading 4 15th February 2009 07:11 PM
kde .desktop file link doesn't act like a link when opening files caesius FreeBSD Ports and Packages 3 14th October 2008 07:35 AM
Does KDE4 require KDE3? troberts FreeBSD Ports and Packages 22 13th August 2008 07:55 PM
How do I skip format on some partitions in a fresh install? Quaxo OpenBSD Installation and Upgrading 9 25th June 2008 07:57 PM


All times are GMT. The time now is 04:10 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick