summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJason McIntyre <jmc@cvs.openbsd.org>2003-09-25 09:19:12 +0000
committerJason McIntyre <jmc@cvs.openbsd.org>2003-09-25 09:19:12 +0000
commitffffffb63517d8c60f0aa8706a37a08edc91442a (patch)
tree92c65ec7343b3be298b31d913972b2cbc098af2d
parent5abb311e8db4a478e5d920ceafe1b80b90c49f4e (diff)
man page for /etc/changelist format;
ok deraadt@
-rw-r--r--share/man/man5/Makefile16
-rw-r--r--share/man/man5/changelist.5143
2 files changed, 151 insertions, 8 deletions
diff --git a/share/man/man5/Makefile b/share/man/man5/Makefile
index 88934a7ed6f..a37635563bc 100644
--- a/share/man/man5/Makefile
+++ b/share/man/man5/Makefile
@@ -1,15 +1,15 @@
-# $OpenBSD: Makefile,v 1.34 2003/08/21 19:12:59 frantzen Exp $
+# $OpenBSD: Makefile,v 1.35 2003/09/25 09:19:11 jmc Exp $
# $NetBSD: Makefile,v 1.14 1995/05/11 23:13:15 cgd Exp $
# missing: dump.5 plot.5
-MAN= a.out.5 acct.5 bsd.port.mk.5 bsd.regress.mk.5 core.5 dir.5 disktab.5 \
- elf.5 ethers.5 fbtab.5 files.conf.5 forward.5 fs.5 fstab.5 \
- genassym.cf.5 group.5 hostname.if.5 hosts.equiv.5 hosts.5 intro.5 \
- link.5 login.conf.5 mk.conf.5 moduli.5 motd.5 myname.5 netgroup.5 \
- networks.5 passwd.5 passwd.conf.5 pf.conf.5 pf.os.5 phones.5 \
- printcap.5 protocols.5 remote.5 resolv.conf.5 rpc.5 services.5 \
- shells.5 stab.5 spamd.conf.5 sysctl.conf.5 types.5 utmp.5 \
+MAN= a.out.5 acct.5 bsd.port.mk.5 bsd.regress.mk.5 changelist.5 core.5 \
+ dir.5 disktab.5 elf.5 ethers.5 fbtab.5 files.conf.5 forward.5 fs.5 \
+ fstab.5 genassym.cf.5 group.5 hostname.if.5 hosts.equiv.5 hosts.5 \
+ intro.5 link.5 login.conf.5 mk.conf.5 moduli.5 motd.5 myname.5 \
+ netgroup.5 networks.5 passwd.5 passwd.conf.5 pf.conf.5 pf.os.5 \
+ phones.5 printcap.5 protocols.5 remote.5 resolv.conf.5 rpc.5 \
+ services.5 shells.5 stab.5 spamd.conf.5 sysctl.conf.5 types.5 utmp.5 \
wsconsctl.conf.5
MLINKS= dir.5 dirent.5 fs.5 inode.5 utmp.5 wtmp.5 utmp.5 lastlog.5
MLINKS+= hosts.equiv.5 .rhosts.5
diff --git a/share/man/man5/changelist.5 b/share/man/man5/changelist.5
new file mode 100644
index 00000000000..75c01ce1387
--- /dev/null
+++ b/share/man/man5/changelist.5
@@ -0,0 +1,143 @@
+.\" $OpenBSD: changelist.5,v 1.1 2003/09/25 09:19:11 jmc Exp $
+.\"
+.\" Copyright (c) 2003 Jason McIntyre <jmc@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd September 11, 2003
+.Dt CHANGELIST 5
+.Os
+.Sh NAME
+.Nm changelist
+.Nd list of backup files
+.Sh SYNOPSIS
+.Nm /etc/changelist
+.Sh DESCRIPTION
+The
+.Pa /etc/changelist
+file is a simple text file containing the names of files to be backed up
+and checked for modification by the system security script,
+.Xr security 8 .
+It is checked daily by the
+.Pa /etc/daily
+script.
+See
+.Xr daily 8
+for further details.
+.Pp
+Each line of the file contains the name of a file,
+specified by its absolute pathname,
+one per line.
+By default, configuration files in
+.Pa /etc ,
+.Pa /root ,
+and
+.Pa /var
+are added during system install.
+Administrators may add additional files at their discretion.
+.Pp
+Backup files are held in the directory
+.Pa /var/backups .
+A backup of the current version of a file is kept in this directory, marked
+.Qq current .
+When the file is altered, the old version is marked as
+.Qq backup
+and the new version becomes
+.Qq current .
+.Pp
+For example,
+the system shell database,
+.Pa /etc/shells ,
+is held as
+.Pa /var/backups/etc_shells.current .
+When this file is modified, it is renamed to
+.Pa /var/backups/etc_shells.backup
+and the new version becomes
+.Pa /var/backups/etc_shells.current .
+Thereafter, these files are rotated.
+.Pp
+Diffs are mailed to the root administrator, in unified
+.Xr diff 1
+format, via
+.Xr daily 8 ,
+in the following format:
+.Bd -unfilled -offset indent
+=====
+/etc/shells diffs (-OLD -NEW)
+=====
+.Ed
+.Pp
+Files in
+.Pa /etc/changelist
+beginning with a
+.Sq +
+character
+.Pq generally non-text files
+are stored as
+.Xr md5 1
+checksums.
+Results are mailed in the following format:
+.Bd -unfilled -offset indent
+======
+/etc/ssh/ssh_host_key MD5 checksums
+======
+OLD:
+NEW:
+.Ed
+.Pp
+Lines beginning with the comment character
+.Pq Sq # ,
+blank lines,
+and non-existent files are all silently ignored.
+.\" .Sh ENVIRONMENT
+.Sh FILES
+.Bl -tag -width /etc/changelist -compact
+.It Pa /etc/changelist
+Default changelist.
+.It Pa /etc/daily
+Maintenance script which runs
+.Xr security 8 .
+.It Pa /etc/security
+Shell script which reads
+.Pa /etc/changelist .
+.It /var/backups/
+Directory containing file backups.
+.El
+.Sh SEE ALSO
+.Xr diff 1 ,
+.Xr md5 1 ,
+.Xr daily 8 ,
+.Xr security 8
+.Sh HISTORY
+The
+.Nm
+manual page first appeared in
+.Ox 3.5 .
+.Sh CAVEATS
+Anyone with the privileges to alter system configuration files
+could also alter the backup files in
+.Pa /var/backups .
+It is important that this directory be owned by root:wheel
+and have permissions 0700 set.
+.Pp
+Removal of the
+.Pa /etc/changelist
+file itself could cause confusion.
+.Pp
+.Nm
+cannot warn about files being added to the system.
+.Pp
+If you hose your system configuration files,
+you just might be able to find the information you need in
+.Pa /var/backups .
+This is not a CAVEAT, but we had to warn you somehow!