special revision 1.51
1 1.51 veego # $NetBSD: special,v 1.51 2002/02/19 21:33:13 veego Exp $ 2 1.1 cgd # @(#)special 8.2 (Berkeley) 1/23/94 3 1.1 cgd # 4 1.1 cgd # Hand-crafted mtree specification for the dangerous files. 5 1.1 cgd # 6 1.47 lukem # /etc/security checks: 7 1.47 lukem # - All of these are checked if $check_mtree is enabled. 8 1.49 lukem # - Files with "nodiff" tags are highlighted if they change. 9 1.49 lukem # - Files without "nodiff" or "exclude" tags are displayed 10 1.47 lukem # with diff(1)s if $check_changelist is enabled. 11 1.47 lukem # 12 1.1 cgd 13 1.46 lukem /set uname=root gname=wheel 14 1.1 cgd 15 1.46 lukem . type=dir mode=0755 16 1.1 cgd 17 1.46 lukem ./dev type=dir mode=0755 18 1.46 lukem ./dev/drum type=char mode=0640 gname=kmem 19 1.46 lukem ./dev/fd type=dir mode=0755 ignore 20 1.46 lukem ./dev/kmem type=char mode=0640 gname=kmem 21 1.46 lukem ./dev/mem type=char mode=0640 gname=kmem 22 1.1 cgd 23 1.46 lukem ./etc type=dir mode=0755 24 1.46 lukem ./etc/Distfile type=file mode=0644 optional 25 1.46 lukem ./etc/amd type=dir mode=0755 optional 26 1.46 lukem ./etc/apm type=dir mode=0755 optional 27 1.46 lukem ./etc/bootparams type=file mode=0644 optional 28 1.46 lukem ./etc/bootptab type=file mode=0644 optional 29 1.46 lukem ./etc/ccd.conf type=file mode=0644 optional 30 1.48 lukem ./etc/changelist type=file mode=0644 31 1.46 lukem ./etc/crontab type=file mode=0644 optional 32 1.46 lukem ./etc/csh.cshrc type=file mode=0644 33 1.46 lukem ./etc/csh.login type=file mode=0644 34 1.46 lukem ./etc/csh.logout type=file mode=0644 35 1.46 lukem ./etc/daily type=file mode=0644 36 1.46 lukem ./etc/daily.conf type=file mode=0644 37 1.46 lukem ./etc/daily.local type=file mode=0644 optional 38 1.46 lukem ./etc/defaultdomain type=file mode=0644 optional 39 1.46 lukem ./etc/defaults type=dir mode=0755 40 1.46 lukem ./etc/defaults/daily.conf type=file mode=0444 41 1.46 lukem ./etc/defaults/monthly.conf type=file mode=0444 42 1.46 lukem ./etc/defaults/rc.conf type=file mode=0444 43 1.46 lukem ./etc/defaults/security.conf type=file mode=0444 44 1.46 lukem ./etc/defaults/weekly.conf type=file mode=0444 45 1.46 lukem ./etc/dhclient-enter-hooks type=file mode=0644 optional 46 1.46 lukem ./etc/dhclient-exit-hooks type=file mode=0644 optional 47 1.46 lukem ./etc/dhclient.conf type=file mode=0644 optional 48 1.46 lukem ./etc/dhcpd.conf type=file mode=0644 optional 49 1.46 lukem ./etc/disktab type=file mode=0644 50 1.46 lukem ./etc/dm.conf type=file mode=0644 51 1.46 lukem ./etc/dumpdates type=file mode=0664 gname=operator optional 52 1.46 lukem ./etc/ethers type=file mode=0644 optional 53 1.46 lukem ./etc/exports type=file mode=0644 optional 54 1.46 lukem ./etc/floppytab type=file mode=0644 55 1.46 lukem ./etc/fstab type=file mode=0644 56 1.46 lukem ./etc/ftpchroot type=file mode=0644 57 1.46 lukem ./etc/ftpd.conf type=file mode=0644 optional 58 1.46 lukem ./etc/ftpusers type=file mode=0644 59 1.46 lukem ./etc/ftpwelcome type=file mode=0644 optional 60 1.46 lukem ./etc/gateways type=file mode=0644 optional 61 1.46 lukem ./etc/gettytab type=file mode=0644 62 1.46 lukem ./etc/group type=file mode=0644 63 1.46 lukem ./etc/hesiod.conf type=file mode=0644 optional 64 1.46 lukem ./etc/hosts type=file mode=0644 65 1.46 lukem ./etc/hosts.allow type=file mode=0644 optional 66 1.46 lukem ./etc/hosts.deny type=file mode=0644 optional 67 1.46 lukem ./etc/hosts.equiv type=file mode=0600 optional 68 1.46 lukem ./etc/hosts.lpd type=file mode=0644 optional 69 1.46 lukem ./etc/ifaliases type=file mode=0644 optional 70 1.46 lukem ./etc/inetd.conf type=file mode=0644 71 1.46 lukem ./etc/ipf.conf type=file mode=0644 optional 72 1.51 veego ./etc/ipf6.conf type=file mode=0644 optional 73 1.46 lukem ./etc/ipnat.conf type=file mode=0644 optional 74 1.46 lukem ./etc/ipsec.conf type=file mode=0644 optional 75 1.46 lukem ./etc/kerberosIV type=dir mode=0755 ignore optional 76 1.46 lukem ./etc/ld.so.conf type=file mode=0644 optional 77 1.46 lukem ./etc/lkm.conf type=file mode=0644 optional 78 1.46 lukem ./etc/localtime type=link mode=0755 79 1.46 lukem ./etc/login.conf type=file mode=0644 optional 80 1.46 lukem ./etc/mail type=dir mode=0755 81 1.46 lukem ./etc/mail/aliases type=file mode=0644 82 1.47 lukem ./etc/mail/aliases.db type=file mode=0644 tags=exclude 83 1.46 lukem ./etc/mail/helpfile type=file mode=0444 84 1.46 lukem ./etc/mail/local-host-names type=file mode=0644 optional 85 1.46 lukem ./etc/mail/sendmail.cf type=file mode=0444 86 1.46 lukem ./etc/mail.rc type=file mode=0644 87 1.46 lukem ./etc/mailer.conf type=file mode=0644 88 1.46 lukem ./etc/man.conf type=file mode=0644 89 1.49 lukem ./etc/master.passwd type=file mode=0600 tags=nodiff 90 1.46 lukem ./etc/mk.conf type=file mode=0644 91 1.46 lukem ./etc/moduli type=file mode=0444 92 1.46 lukem ./etc/monthly type=file mode=0644 93 1.46 lukem ./etc/monthly.conf type=file mode=0644 94 1.46 lukem ./etc/monthly.local type=file mode=0644 optional 95 1.46 lukem ./etc/mrouted.conf type=file mode=0644 96 1.46 lukem ./etc/mtree type=dir mode=0755 97 1.46 lukem ./etc/mtree/special type=file mode=0444 98 1.47 lukem ./etc/mtree/special.local type=file mode=0644 optional 99 1.46 lukem ./etc/mygate type=file mode=0644 optional 100 1.46 lukem ./etc/myname type=file mode=0644 optional 101 1.46 lukem ./etc/named.conf type=file mode=0644 optional 102 1.46 lukem ./etc/namedb type=dir mode=0755 103 1.46 lukem ./etc/netconfig type=file mode=0644 104 1.46 lukem ./etc/netgroup type=file mode=0644 optional 105 1.47 lukem ./etc/netgroup.db type=file mode=0644 optional tags=exclude 106 1.46 lukem ./etc/netstart.local type=file mode=0644 optional 107 1.46 lukem ./etc/networks type=file mode=0644 108 1.46 lukem ./etc/newsyslog.conf type=file mode=0644 109 1.46 lukem ./etc/nsswitch.conf type=file mode=0644 110 1.46 lukem ./etc/ntp.conf type=file mode=0644 optional 111 1.46 lukem ./etc/passwd type=file mode=0644 112 1.46 lukem ./etc/passwd.conf type=file mode=0644 optional 113 1.46 lukem ./etc/phones type=file mode=0644 114 1.46 lukem ./etc/ppp type=dir mode=0755 optional 115 1.46 lukem ./etc/ppp/options type=file mode=0644 optional 116 1.46 lukem ./etc/printcap type=file mode=0644 117 1.46 lukem ./etc/profile type=file mode=0644 118 1.46 lukem ./etc/protocols type=file mode=0644 119 1.46 lukem ./etc/rbootd.conf type=file mode=0644 optional 120 1.46 lukem ./etc/rc type=file mode=0644 121 1.46 lukem ./etc/rc.conf type=file mode=0644 122 1.46 lukem ./etc/rc.d type=dir mode=0755 123 1.46 lukem ./etc/rc.d/DAEMON type=file mode=0555 124 1.46 lukem ./etc/rc.d/LOGIN type=file mode=0555 125 1.50 veego ./etc/rc.d/NETWORKING type=file mode=0555 126 1.46 lukem ./etc/rc.d/SERVERS type=file mode=0555 127 1.46 lukem ./etc/rc.d/accounting type=file mode=0555 128 1.46 lukem ./etc/rc.d/altqd type=file mode=0555 129 1.46 lukem ./etc/rc.d/amd type=file mode=0555 130 1.46 lukem ./etc/rc.d/apmd type=file mode=0555 131 1.46 lukem ./etc/rc.d/bootconf.sh type=file mode=0555 132 1.46 lukem ./etc/rc.d/bootparams type=file mode=0555 133 1.46 lukem ./etc/rc.d/ccd type=file mode=0555 134 1.46 lukem ./etc/rc.d/cleartmp type=file mode=0555 135 1.46 lukem ./etc/rc.d/cron type=file mode=0555 136 1.46 lukem ./etc/rc.d/dhclient type=file mode=0555 137 1.46 lukem ./etc/rc.d/dhcpd type=file mode=0555 138 1.46 lukem ./etc/rc.d/dhcrelay type=file mode=0555 139 1.46 lukem ./etc/rc.d/dmesg type=file mode=0555 140 1.46 lukem ./etc/rc.d/downinterfaces type=file mode=0555 141 1.46 lukem ./etc/rc.d/fsck type=file mode=0555 142 1.46 lukem ./etc/rc.d/inetd type=file mode=0555 143 1.46 lukem ./etc/rc.d/ipfilter type=file mode=0555 144 1.46 lukem ./etc/rc.d/ipmon type=file mode=0555 145 1.46 lukem ./etc/rc.d/ipnat type=file mode=0555 146 1.46 lukem ./etc/rc.d/ipsec type=file mode=0555 147 1.46 lukem ./etc/rc.d/isdnd type=file mode=0555 148 1.46 lukem ./etc/rc.d/kdc type=file mode=0555 149 1.46 lukem ./etc/rc.d/ldconfig type=file mode=0555 150 1.46 lukem ./etc/rc.d/lkm1 type=file mode=0555 151 1.46 lukem ./etc/rc.d/lkm2 type=file mode=0555 152 1.46 lukem ./etc/rc.d/lkm3 type=file mode=0555 153 1.46 lukem ./etc/rc.d/local type=file mode=0555 154 1.46 lukem ./etc/rc.d/lpd type=file mode=0555 155 1.46 lukem ./etc/rc.d/mopd type=file mode=0555 156 1.46 lukem ./etc/rc.d/motd type=file mode=0555 157 1.46 lukem ./etc/rc.d/mountall type=file mode=0555 158 1.46 lukem ./etc/rc.d/mountcritlocal type=file mode=0555 159 1.46 lukem ./etc/rc.d/mountcritremote type=file mode=0555 160 1.46 lukem ./etc/rc.d/mountd type=file mode=0555 161 1.46 lukem ./etc/rc.d/mrouted type=file mode=0555 162 1.46 lukem ./etc/rc.d/named type=file mode=0555 163 1.46 lukem ./etc/rc.d/ndbootd type=file mode=0555 164 1.46 lukem ./etc/rc.d/network type=file mode=0555 165 1.46 lukem ./etc/rc.d/newsyslog type=file mode=0555 166 1.46 lukem ./etc/rc.d/nfsd type=file mode=0555 167 1.46 lukem ./etc/rc.d/nfslocking type=file mode=0555 168 1.46 lukem ./etc/rc.d/ntpd type=file mode=0555 169 1.46 lukem ./etc/rc.d/ntpdate type=file mode=0555 170 1.46 lukem ./etc/rc.d/poffd type=file mode=0555 171 1.46 lukem ./etc/rc.d/postfix type=file mode=0555 172 1.46 lukem ./etc/rc.d/ppp type=file mode=0555 173 1.46 lukem ./etc/rc.d/pwcheck type=file mode=0555 174 1.46 lukem ./etc/rc.d/quota type=file mode=0555 175 1.46 lukem ./etc/rc.d/racoon type=file mode=0555 176 1.46 lukem ./etc/rc.d/raidframe type=file mode=0555 177 1.46 lukem ./etc/rc.d/rarpd type=file mode=0555 178 1.46 lukem ./etc/rc.d/rbootd type=file mode=0555 179 1.46 lukem ./etc/rc.d/root type=file mode=0555 180 1.46 lukem ./etc/rc.d/route6d type=file mode=0555 181 1.46 lukem ./etc/rc.d/routed type=file mode=0555 182 1.46 lukem ./etc/rc.d/rpcbind type=file mode=0555 183 1.46 lukem ./etc/rc.d/rtadvd type=file mode=0555 184 1.46 lukem ./etc/rc.d/rtsold type=file mode=0555 185 1.46 lukem ./etc/rc.d/rwho type=file mode=0555 186 1.46 lukem ./etc/rc.d/savecore type=file mode=0555 187 1.46 lukem ./etc/rc.d/screenblank type=file mode=0555 188 1.46 lukem ./etc/rc.d/securelevel type=file mode=0555 189 1.46 lukem ./etc/rc.d/sendmail type=file mode=0555 190 1.46 lukem ./etc/rc.d/sshd type=file mode=0555 191 1.46 lukem ./etc/rc.d/swap1 type=file mode=0555 192 1.46 lukem ./etc/rc.d/swap2 type=file mode=0555 193 1.46 lukem ./etc/rc.d/sysctl type=file mode=0555 194 1.46 lukem ./etc/rc.d/sysdb type=file mode=0555 195 1.46 lukem ./etc/rc.d/syslogd type=file mode=0555 196 1.46 lukem ./etc/rc.d/timed type=file mode=0555 197 1.46 lukem ./etc/rc.d/ttys type=file mode=0555 198 1.46 lukem ./etc/rc.d/virecover type=file mode=0555 199 1.46 lukem ./etc/rc.d/wscons type=file mode=0555 200 1.46 lukem ./etc/rc.d/xdm type=file mode=0555 201 1.46 lukem ./etc/rc.d/xfs type=file mode=0555 202 1.46 lukem ./etc/rc.d/ypbind type=file mode=0555 203 1.46 lukem ./etc/rc.d/yppasswdd type=file mode=0555 204 1.46 lukem ./etc/rc.d/ypserv type=file mode=0555 205 1.46 lukem ./etc/rc.lkm type=file mode=0644 206 1.46 lukem ./etc/rc.local type=file mode=0644 optional 207 1.46 lukem ./etc/rc.shutdown type=file mode=0644 208 1.46 lukem ./etc/rc.shutdown.local type=file mode=0644 optional 209 1.46 lukem ./etc/rc.subr type=file mode=0644 210 1.46 lukem ./etc/remote type=file mode=0644 211 1.46 lukem ./etc/resolv.conf type=file mode=0644 optional 212 1.46 lukem ./etc/rpc type=file mode=0644 213 1.46 lukem ./etc/rtadvd.conf type=file mode=0644 optional 214 1.46 lukem ./etc/security type=file mode=0644 215 1.46 lukem ./etc/security.conf type=file mode=0644 216 1.46 lukem ./etc/security.local type=file mode=0644 optional 217 1.46 lukem ./etc/services type=file mode=0644 218 1.46 lukem ./etc/shells type=file mode=0644 219 1.47 lukem ./etc/shosts.equiv type=file mode=0600 optional 220 1.47 lukem ./etc/spwd.db type=file mode=0600 tags=exclude 221 1.46 lukem ./etc/ssh.conf type=file mode=0644 optional 222 1.49 lukem ./etc/ssh_host_dsa_key type=file mode=0600 optional tags=nodiff 223 1.46 lukem ./etc/ssh_host_dsa_key.pub type=file mode=0644 optional 224 1.49 lukem ./etc/ssh_host_key type=file mode=0600 optional tags=nodiff 225 1.46 lukem ./etc/ssh_host_key.pub type=file mode=0644 optional 226 1.49 lukem ./etc/ssh_host_rsa_key type=file mode=0600 optional tags=nodiff 227 1.46 lukem ./etc/ssh_host_rsa_key.pub type=file mode=0644 optional 228 1.46 lukem ./etc/ssh_known_hosts type=file mode=0644 optional 229 1.46 lukem ./etc/ssh_known_hosts2 type=file mode=0644 optional 230 1.46 lukem ./etc/sshd.conf type=file mode=0644 optional 231 1.46 lukem ./etc/sysctl.conf type=file mode=0644 232 1.46 lukem ./etc/syslog.conf type=file mode=0644 233 1.46 lukem ./etc/ttyaction type=file mode=0644 optional 234 1.46 lukem ./etc/ttys type=file mode=0644 235 1.46 lukem ./etc/usermgmt.conf type=file mode=0644 optional 236 1.46 lukem ./etc/weekly type=file mode=0644 237 1.46 lukem ./etc/weekly.conf type=file mode=0644 238 1.46 lukem ./etc/weekly.local type=file mode=0644 optional 239 1.46 lukem ./etc/wscons.conf type=file mode=0644 240 1.1 cgd 241 1.46 lukem ./root type=dir mode=0755 242 1.46 lukem ./root/.cshrc type=file mode=0644 243 1.46 lukem ./root/.klogin type=file mode=0600 optional 244 1.46 lukem ./root/.login type=file mode=0644 245 1.46 lukem ./root/.profile type=file mode=0644 246 1.46 lukem ./root/.rhosts type=file mode=0600 optional 247 1.47 lukem ./root/.shosts type=file mode=0600 optional 248 1.47 lukem ./root/.ssh type=dir mode=0700 optional 249 1.47 lukem ./root/.ssh/authorized_keys type=file mode=0600 optional 250 1.47 lukem ./root/.ssh/authorized_keys2 type=file mode=0600 optional 251 1.47 lukem ./root/.ssh/config type=file mode=0644 optional 252 1.49 lukem ./root/.ssh/id_dsa type=file mode=0600 optional tags=nodiff 253 1.47 lukem ./root/.ssh/id_dsa.pub type=file mode=0644 optional 254 1.49 lukem ./root/.ssh/id_rsa type=file mode=0600 optional tags=nodiff 255 1.47 lukem ./root/.ssh/id_rsa.pub type=file mode=0644 optional 256 1.49 lukem ./root/.ssh/identity type=file mode=0600 optional tags=nodiff 257 1.47 lukem ./root/.ssh/identity.pub type=file mode=0644 optional 258 1.47 lukem ./root/.ssh/known_hosts type=file mode=0644 optional 259 1.47 lukem ./root/.ssh/known_hosts2 type=file mode=0644 optional 260 1.1 cgd 261 1.46 lukem ./sbin type=dir mode=0755 ignore 262 1.1 cgd 263 1.46 lukem ./usr type=dir mode=0755 264 1.46 lukem ./usr/bin type=dir mode=0755 ignore 265 1.46 lukem ./usr/games type=dir mode=0755 optional 266 1.46 lukem ./usr/games/hide type=dir mode=0750 gname=games ignore optional 267 1.46 lukem ./usr/include type=dir mode=0755 ignore 268 1.46 lukem ./usr/lib type=dir mode=0755 ignore 269 1.46 lukem ./usr/libdata type=dir mode=0755 ignore 270 1.46 lukem ./usr/libexec type=dir mode=0755 ignore 271 1.46 lukem ./usr/local type=dir mode=0755 272 1.46 lukem ./usr/local/bin type=dir mode=0755 ignore 273 1.46 lukem ./usr/local/lib type=dir mode=0755 ignore 274 1.46 lukem ./usr/pkg type=dir mode=0755 ignore optional 275 1.46 lukem ./usr/sbin type=dir mode=0755 ignore 276 1.46 lukem ./usr/share type=dir mode=0755 ignore 277 1.46 lukem 278 1.46 lukem ./var type=dir mode=0755 279 1.46 lukem ./var/account type=dir mode=0755 280 1.47 lukem ./var/account/acct type=file mode=0644 optional tags=exclude 281 1.46 lukem ./var/at type=dir mode=0755 ignore 282 1.46 lukem ./var/backups type=dir mode=0755 ignore 283 1.46 lukem ./var/cron type=dir mode=0755 284 1.46 lukem ./var/cron/tabs type=dir mode=0700 285 1.46 lukem ./var/cron/tabs/root type=file mode=0600 286 1.46 lukem ./var/db type=dir mode=0755 287 1.47 lukem ./var/db/kvm.db type=file mode=0644 tags=exclude 288 1.46 lukem ./var/log type=dir mode=0755 289 1.47 lukem ./var/log/authlog type=file mode=0600 optional tags=exclude 290 1.47 lukem ./var/log/wtmp type=file mode=0644 tags=exclude 291 1.46 lukem ./var/mail type=dir mode=1777 ignore 292 1.46 lukem ./var/preserve type=dir mode=0755 ignore 293 1.46 lukem ./var/run type=dir mode=0755 294 1.47 lukem ./var/run/utmp type=file mode=0664 gname=utmp tags=exclude 295 1.46 lukem ./var/spool type=dir mode=0755 296 1.46 lukem ./var/spool/ftp type=dir mode=0755 optional 297 1.46 lukem ./var/spool/ftp/bin type=dir mode=0755 optional 298 1.46 lukem ./var/spool/ftp/bin/ls type=file mode=0555 optional 299 1.46 lukem ./var/spool/ftp/etc type=dir mode=0755 optional 300 1.46 lukem ./var/spool/ftp/etc/group type=file mode=0644 optional 301 1.46 lukem ./var/spool/ftp/etc/localtime type=file mode=0644 optional 302 1.46 lukem ./var/spool/ftp/etc/master.passwd type=file mode=0600 optional 303 1.46 lukem ./var/spool/ftp/etc/passwd type=file mode=0644 optional 304 1.46 lukem ./var/spool/ftp/hidden type=dir mode=0111 ignore optional 305 1.46 lukem ./var/spool/ftp/pub type=dir mode=0775 ignore optional 306 1.46 lukem ./var/spool/mqueue type=dir mode=0755 ignore 307 1.46 lukem ./var/spool/news type=dir mode=0755 uname=news gname=news ignore optional 308 1.46 lukem ./var/spool/output type=dir mode=0755 ignore 309 1.46 lukem ./var/spool/uucp type=dir mode=0755 uname=uucp gname=daemon ignore optional 310 1.46 lukem ./var/spool/uucppublic type=dir mode=1777 uname=uucp gname=daemon ignore optional 311 1.46 lukem ./var/yp type=dir mode=0755 312 1.46 lukem ./var/yp/Makefile type=file mode=0644 optional 313
Indexes created Thu Nov 06 02:09:54 GMT 2025