diff options
author | Louis Bertrand <louis@cvs.openbsd.org> | 2000-03-04 17:41:37 +0000 |
---|---|---|
committer | Louis Bertrand <louis@cvs.openbsd.org> | 2000-03-04 17:41:37 +0000 |
commit | ab3379196f30d31f43905299cb7643a87d2aa0b6 (patch) | |
tree | bb6e27f7c36c3161e98c78ae3f4db8dcfe6afb98 /share/man/man8/afterboot.8 | |
parent | 7f8c98e0221a2fd820b19fe2fbf7bdf83c038bd3 (diff) |
Clearer note about the daily security report.
Diffstat (limited to 'share/man/man8/afterboot.8')
-rw-r--r-- | share/man/man8/afterboot.8 | 23 |
1 files changed, 19 insertions, 4 deletions
diff --git a/share/man/man8/afterboot.8 b/share/man/man8/afterboot.8 index 4aa5491ff4b..5b35cd06211 100644 --- a/share/man/man8/afterboot.8 +++ b/share/man/man8/afterboot.8 @@ -555,14 +555,28 @@ and change some of the lines to read: 30 3 * * 6 /bin/sh /etc/weekly 2>&1 > /var/log/weekly.out 30 5 1 * * /bin/sh /etc/monthly 2>&1 > /var/log/monthly.out .Ed +.Pp See .Xr crontab 5 . .Ss Next day cleanup After the first night's security run, change ownerships and permissions -on things. The best bet is to have permissions as in the security list. -(The first of the two listed permissions, and the first group number of -the two). -Use +on files, directories, and devices; root should have received email +with subject: "<hostname> daily insecurity output.". This email contains +a set of security recommendations, presented as a list looking like this: +.Bd -literal -offset indent +var/mail: + permissions (0755, 0775) +etc/daily: + user (0, 3) +.Ed +.Pp +The best bet is to follow the advice in that list. The +recommended setting is the first item in parentheses, while +the current setting is the second one. This list is generated by +.Xr mtree 8 +using +.Ic /etc/mtree/special +). Use .Xr chmod 1 , .Xr chgrp 1 , and @@ -745,6 +759,7 @@ time in the kernel image. .Xr ext_srvtab 8 , .Xr ifconfig 8 , .Xr inetd 8 , +.Xr mtree 8 , .Xr mount 8 , .Xr named 8 , .Xr rc 8 , |