|
OpenBSD Packages and Ports Installation and upgrading of packages and ports on OpenBSD. |
|
Thread Tools | Display Modes |
|
|||
Security problem with permission
The cups package creates an /etc/printcap link with permission 0755. The daily run of the security script says that this should be 0644. I can reset this, of course, but it reverts to the default on the next upgrade of cups.
Alternatively, I can edit /etc/mtree/special to accept 0755 but this is lost when I upgrade the base system. The security man page says: security also provides hooks for administrators to create their own lists. These lists should be kept in /etc/mtree/ and filenames must have the suffix “.secure”.And it gives examples of entries. So I made a file called "/etc/mtree/printcap.secure" with the line: "chmod 0644 /etc/printcap" but this doesn't help. Perhaps I misunderstood the example. So far the only work-around I've found is to make an entry in root's crontab to change the permission every night. This works but doesn't seem very elegant. Can anyone suggest what I'm doing wrong? Last edited by acampbell; 29th October 2017 at 09:47 AM. |
|
|||
Well, the message I get is this:
permissions (0644, 0755) mtree special: exit code 2 In OBSD (unlike linux) you can change the permissions of symbolic links with chmod -h. If I change it to 0644 the error goes away. |
|
|||
I've now found a discussion of this problem on marc.info openbsd-bugs. It was supposed to have been fixed in -current in 2016 but it doesn't seem to have been. I'll submit a report.
|
|
|||
Make sure to report back with the result!
|
|
|||
Fixed in latest -current
I emailed the CUPS maintainer, Antoine Jacoutot, who is always helpful. He has uploaded a new version of the package to -current and that has created /etc/printcap with the correct permission after a reboot.
|
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Security Security problem in VMware vSphere 5 | J65nko | News | 0 | 31st May 2012 08:13 AM |
Security problem in PuTTY SSH client fixed | J65nko | News | 0 | 12th December 2011 04:26 PM |
security LOG problem | paul-lkw | FreeBSD General | 5 | 9th July 2009 05:05 AM |
Samba + Ldap... permission problem | coppermine | FreeBSD General | 3 | 13th October 2008 10:00 AM |
Apache Problem ( Permission ) | dctr | FreeBSD General | 8 | 27th May 2008 09:48 PM |