help-cfengine
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: anyone tried being *very* explicit with respect to file permissions?


From: Patrick M McNeal
Subject: Re: anyone tried being *very* explicit with respect to file permissions?
Date: Thu, 6 May 2004 09:13:47 -0400

This seems like a slow way to force all files to be the correct
ownership and permissions. Is there another way given that the
files in /etc have different owners and groups?

It sounds like what you are actually looking for is a tripwire. Tripwire, the product, can verify such a policy, but it has no way of making changes if something is incorrect. On the flip side of the problem, tools like cfengine and isconf can make the changes, but have no easy way to tripwire the entire filesystem.

Tools like radmind and synctree were designed to address both issues. At their core, they are a tripwire, allowing you to monitor every filesystem object. They also go a step further and allow you to correct the problem without having to write a set of script, configuration files or stanaz to get the work done.

You can read more about the integration of tripwire and managament here:

http://rsug.itd.umich.edu/software/radmind/files/LISA-radmind.pdf

--Patrick
........................................................................ ..
Patrick M McNeal                                GnuPG Public Key:
address@hidden                          http://umich.edu/~mcneal/mcneal.pgp





reply via email to

[Prev in Thread] Current Thread [Next in Thread]