# $OpenBSD: special,v 1.66 2005/06/08 20:11:38 deraadt Exp $ # $NetBSD: special,v 1.4 1996/05/08 21:30:18 pk Exp $ # @(#)special 8.2 (Berkeley) 1/23/94 # # Hand-crafted mtree specification for the dangerous files. # . type=dir mode=0755 uname=root gname=wheel dev type=dir mode=0755 uname=root gname=wheel drum type=char mode=0640 uname=root gname=kmem fd type=dir mode=0555 uname=root gname=wheel ignore .. #dev/fd kmem type=char mode=0640 uname=root gname=kmem mem type=char mode=0640 uname=root gname=kmem .. #dev etc type=dir mode=0755 uname=root gname=wheel bgpd.conf type=file mode=0600 uname=root gname=wheel crontab type=file mode=0644 uname=root gname=wheel optional csh.cshrc type=file mode=0644 uname=root gname=wheel csh.login type=file mode=0644 uname=root gname=wheel csh.logout type=file mode=0644 uname=root gname=wheel daily type=file mode=0644 uname=root gname=wheel daily.local type=file mode=0644 uname=root gname=wheel optional disklabels type=dir mode=0755 uname=root gname=wheel ignore .. #disklabels exports type=file mode=0644 uname=root gname=wheel optional fbtab type=file mode=0644 uname=root gname=wheel fstab type=file mode=0644 uname=root gname=wheel ftpusers type=file mode=0644 uname=root gname=wheel group type=file mode=0644 uname=root gname=wheel hosts type=file mode=0644 uname=root gname=wheel hosts.equiv type=file mode=0600 uname=root gname=wheel optional inetd.conf type=file mode=0644 uname=root gname=wheel isakmpd type=dir mode=0755 uname=root gname=wheel isakmpd.conf type=file mode=0600 uname=root gname=wheel optional isakmpd.policy type=file mode=0600 uname=root gname=wheel optional .. #isakmpd kerberosV type=dir mode=0755 uname=root gname=wheel optional ignore .. #kerberosV host.random type=file mode=0600 uname=root gname=wheel optional login.conf type=file mode=0644 uname=root gname=wheel mail.rc type=file mode=0644 uname=root gname=wheel mailer.conf type=file mode=0644 uname=root gname=wheel master.passwd type=file mode=0600 uname=root gname=wheel monthly type=file mode=0644 uname=root gname=wheel monthly.local type=file mode=0644 uname=root gname=wheel optional mail type=dir mode=0755 uname=root gname=wheel aliases type=file mode=0644 uname=root gname=wheel optional aliases.db type=file mode=0644 uname=root gname=wheel optional sendmail.cf type=file mode=0644 uname=root gname=wheel optional submit.cf type=file mode=0644 uname=root gname=wheel optional .. #mail mtree type=dir mode=0755 uname=root gname=wheel special type=file mode=0600 uname=root gname=wheel .. #mtree moduli type=file mode=0644 uname=root gname=wheel netstart type=file mode=0644 uname=root gname=wheel ntpd.conf type=file mode=0644 uname=root gname=wheel ospfd.conf type=file mode=0600 uname=root gname=wheel passwd type=file mode=0644 uname=root gname=wheel pf.conf type=file mode=0600 uname=root gname=wheel optional printcap type=file mode=0644 uname=root gname=wheel rc type=file mode=0644 uname=root gname=wheel rc.conf type=file mode=0644 uname=root gname=wheel rc.conf.local type=file mode=0644 uname=root gname=wheel optional rc.local type=file mode=0644 uname=root gname=wheel rc.securelevel type=file mode=0644 uname=root gname=wheel rc.shutdown type=file mode=0644 uname=root gname=wheel resolv.conf type=file mode=0644 uname=root gname=wheel optional resolv.conf.tail type=file mode=0644 uname=root gname=wheel optional security type=file mode=0644 uname=root gname=wheel sensorsd.conf type=file mode=0644 uname=root gname=wheel shells type=file mode=0644 uname=root gname=wheel skey type=dir mode=01730 uname=root gname=auth optional .. #skey spamd.conf type=file mode=0644 uname=root gname=wheel optional spwd.db type=file mode=0640 uname=root gname=_shadow ssh type=dir mode=0755 uname=root gname=wheel optional ssh_config type=file mode=0644 uname=root gname=wheel ssh_host_dsa_key type=file mode=0600 uname=root gname=wheel optional ssh_host_dsa_key.pub type=file mode=0644 uname=root gname=wheel optional ssh_host_key type=file mode=0600 uname=root gname=wheel optional ssh_host_key.pub type=file mode=0644 uname=root gname=wheel optional ssh_host_rsa_key type=file mode=0600 uname=root gname=wheel optional ssh_host_rsa_key.pub type=file mode=0644 uname=root gname=wheel optional sshd_config type=file mode=0644 uname=root gname=wheel .. #ssh systrace type=dir mode=0755 uname=root gname=wheel optional .. #systrace syslog.conf type=file mode=0644 uname=root gname=wheel ttys type=file mode=0644 uname=root gname=wheel weekly type=file mode=0644 uname=root gname=wheel weekly.local type=file mode=0644 uname=root gname=wheel optional uucp type=dir mode=0755 uname=root gname=wheel optional ignore .. #uucp .. #etc root type=dir mode=0700 uname=root gname=wheel .cshrc type=file mode=0644 uname=root gname=wheel .klogin type=file mode=0600 uname=root gname=wheel optional .login type=file mode=0644 uname=root gname=wheel .profile type=file mode=0644 uname=root gname=wheel .rhosts type=file mode=0600 uname=root gname=wheel optional .. #root sbin type=dir mode=0755 uname=root gname=wheel ignore .. #sbin usr type=dir mode=0755 uname=root gname=wheel bin type=dir mode=0755 uname=root gname=wheel ignore .. #usr/bin games type=dir mode=0755 uname=root gname=wheel optional .. #usr/games include type=dir mode=0755 uname=root gname=bin ignore .. #usr/include lib type=dir mode=0755 uname=root gname=wheel ignore .. #usr/lib libdata type=dir mode=0755 uname=root gname=wheel ignore .. #usr/libdata libexec type=dir mode=0755 uname=root gname=wheel auth type=dir mode=0750 uname=root gname=auth ignore .. #usr/libexec/auth .. #usr/libexec local type=dir mode=0755 uname=root gname=wheel bin type=dir mode=0755 uname=root gname=wheel ignore .. #usr/local/bin lib type=dir mode=0755 uname=root gname=wheel ignore .. #usr/local/lib .. #usr/local sbin type=dir mode=0755 uname=root gname=wheel ignore .. #usr/sbin share type=dir mode=0755 uname=root gname=wheel ignore .. #usr/share src type=dir mode=0775 uname=root gname=wsrc ignore optional .. #usr/src .. #usr var type=dir mode=0755 uname=root gname=wheel account type=dir mode=0755 uname=root gname=wheel acct type=file mode=0644 uname=root gname=wheel optional .. #var/account yp type=dir mode=0755 uname=root gname=wheel optional ignore .. #var/yp backups type=dir mode=0700 uname=root gname=wheel ignore .. #var/backups cron type=dir mode=0555 uname=root gname=wheel log type=file mode=0600 uname=root gname=wheel atjobs type=dir mode=01770 uname=root gname=crontab ignore .. #var/cron/atjobs tabs type=dir mode=01730 uname=root gname=crontab ignore .. #var/cron/tabs .. #var/cron db type=dir mode=0755 uname=root gname=wheel kvm_bsd.db type=file mode=0644 uname=root gname=wheel .. #var/db log type=dir mode=0755 uname=root gname=wheel authlog type=file mode=0640 uname=root gname=wheel secure type=file mode=0600 uname=root gname=wheel wtmp type=file mode=0644 uname=root gname=wheel lastlog type=file mode=0644 uname=root gname=wheel .. #var/log mail type=dir mode=0755 uname=root gname=wheel ignore .. #var/mail run type=dir mode=0755 uname=root gname=wheel utmp type=file mode=0664 uname=root gname=utmp .. #var/run spool type=dir mode=0755 uname=root gname=wheel clientmqueue type=dir mode=0770 uname=smmsp gname=smmsp ignore .. #var/spool/clientmqueue ftp type=dir mode=0555 uname=root gname=wheel optional bin type=dir mode=0511 uname=root gname=wheel optional .. #var/spool/ftp/bin etc type=dir mode=0511 uname=root gname=wheel optional group type=file mode=0444 uname=root gname=wheel optional localtime type=file mode=0444 uname=root gname=wheel optional master.passwd type=file mode=0400 uname=root gname=wheel optional spwd.db type=file mode=0400 uname=root gname=wheel optional motd type=file mode=0444 uname=root gname=wheel optional passwd type=file mode=0444 uname=root gname=wheel optional pwd.db type=file mode=0444 uname=root gname=wheel optional .. #var/spool/ftp/etc hidden type=dir mode=0111 uname=root gname=wheel optional ignore .. #var/spool/ftp/hidden pub type=dir mode=0555 uname=root gname=wheel optional ignore .. #var/spool/ftp/pub .. #var/spool/ftp mqueue type=dir mode=0700 uname=root gname=wheel ignore .. #var/spool/mqueue output type=dir mode=0775 uname=root gname=daemon ignore .. #var/spool/output uucp type=dir mode=0755 uname=uucp gname=daemon ignore .. #var/spool/uucp uucppublic type=dir mode=01775 uname=uucp gname=daemon ignore .. #var/spool/uucppublic .. #var/spool