Subject: Re: /etc/security issues
To: None <tech-userlevel@netbsd.org>
From: Greg A. Woods <woods@weird.com>
List: tech-userlevel
Date: 05/03/2001 14:06:55
[ On Thursday, May 3, 2001 at 13:16:18 (-0400), Andrew Brown wrote: ]
> Subject: /etc/security issues
>
> (1) i recently added a user that has a - character in the username.
> /etc/security doesn't like it. does anyone know of a reason why -
> should be a "bad" character? i'm sure that usernames that consist
> solely of a + or a - or start with a - are bad, but an embedded -
> can't be that bad...can it?
I don't recall any reasons to avoid an embedded '-' in a user or group name.
> (2) as regards bin/12727 and bin/12729, i was considering changing
> /etc/security to keep the paths to files being backed up intact, but
> with the value of $backup_dir prepended. that means that the file
> /etc/bootparams, which is currently being backed up as
> $backup_dir/bootparams, would now be backed up as
> $backup_dir/etc/bootparams.
This is along the same lines as the plan I'd been hoping to use in my
implementation with RCS too.
> this would allow us to track the files in
> /etc/rc.d with very little difficulty, since /etc/bootparams and
> /etc/rc.d/bootparams would no longer map to the same backup file name.
> i have a simple patch to /etc/security to do this (and to move the old
> backup files to the new names). comments?
As for /etc/rc.d/*, why the heck would you want to list those files in
/etc/changelist? They should really never change unless they're from a
new install/upgrade.....
I've no objections to any individual administrator listing them there,
but no distribution should ever come that way by default. Any changes
necessary in those scripts would indicate deficiencies that should be
fixed in the source....
--
Greg A. Woods
+1 416 218-0098 VE3TCP <gwoods@acm.org> <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>