|
From: | Patrick M McNeal |
Subject: | Re: anyone tried being *very* explicit with respect to file permissions? |
Date: | Thu, 6 May 2004 09:13:47 -0400 |
This seems like a slow way to force all files to be the correct ownership and permissions. Is there another way given that the files in /etc have different owners and groups?
It sounds like what you are actually looking for is a tripwire. Tripwire, the product, can verify such a policy, but it has no way of making changes if something is incorrect. On the flip side of the problem, tools like cfengine and isconf can make the changes, but have no easy way to tripwire the entire filesystem.
Tools like radmind and synctree were designed to address both issues. At their core, they are a tripwire, allowing you to monitor every filesystem object. They also go a step further and allow you to correct the problem without having to write a set of script, configuration files or stanaz to get the work done.
You can read more about the integration of tripwire and managament here: http://rsug.itd.umich.edu/software/radmind/files/LISA-radmind.pdf --Patrick........................................................................ ..
Patrick M McNeal GnuPG Public Key: mcneal@umich.edu http://umich.edu/~mcneal/mcneal.pgp
[Prev in Thread] | Current Thread | [Next in Thread] |