# $NetBSD: special,v 1.66 2002/10/09 14:55:54 elric Exp $
# @(#)special 8.2 (Berkeley) 1/23/94
#
# Hand-crafted mtree specification for the dangerous files.
#
# /etc/security checks:
# - All of these are checked if $check_mtree is enabled.
# - Files with "nodiff" tags are highlighted if they change.
# - Files without "nodiff" or "exclude" tags are displayed
#   with diff(1)s if $check_changelist is enabled.
#
# Reading the entries (keywords as described in mtree(8)):
# - "optional": the entry may be absent without being reported.
# - "ignore": the hierarchy below the entry is not checked; only the
#   entry itself is described by this file.
# - type/mode/uname/gname give the expected file type, permission bits
#   and ownership.

# Default ownership for every entry below that does not override it.
/set uname=root gname=wheel

. type=dir mode=0755

# Memory and swap devices: mode 0640 with group kmem, so no access for
# "other". ./dev/fd is marked "ignore", so its contents are not checked.
./dev type=dir mode=0755
./dev/drum type=char mode=0640 gname=kmem
./dev/fd type=dir mode=0755 ignore
./dev/kmem type=char mode=0640 gname=kmem
./dev/mem type=char mode=0640 gname=kmem

# System configuration. Most files are 0644 (world-readable, writable by
# root only); the exceptions are called out where they occur.
./etc type=dir mode=0755
./etc/Distfile type=file mode=0644 optional
./etc/amd type=dir mode=0755 optional
./etc/apm type=dir mode=0755 optional
./etc/bootparams type=file mode=0644 optional
./etc/bootptab type=file mode=0644 optional
./etc/ccd.conf type=file mode=0644 optional
# cgd configuration: directory 0700 and file 0600, i.e. owner-only access.
./etc/cgd type=dir mode=0700 optional
./etc/cgd/cgd.conf type=file mode=0600 optional
./etc/changelist type=file mode=0644
./etc/crontab type=file mode=0644 optional
./etc/csh.cshrc type=file mode=0644
./etc/csh.login type=file mode=0644
./etc/csh.logout type=file mode=0644
./etc/daily type=file mode=0644
./etc/daily.conf type=file mode=0644
./etc/daily.local type=file mode=0644 optional
./etc/defaultdomain type=file mode=0644 optional
# Shipped defaults are expected read-only (0444).
./etc/defaults type=dir mode=0755
./etc/defaults/daily.conf type=file mode=0444
./etc/defaults/monthly.conf type=file mode=0444
./etc/defaults/rc.conf type=file mode=0444
./etc/defaults/security.conf type=file mode=0444
./etc/defaults/weekly.conf type=file mode=0444
./etc/dhclient-enter-hooks type=file mode=0644 optional
./etc/dhclient-exit-hooks type=file mode=0644 optional
./etc/dhclient.conf type=file mode=0644 optional
./etc/dhcpd.conf type=file mode=0644 optional
./etc/disktab type=file mode=0644
./etc/dm.conf type=file mode=0644
# Group-writable (0664) for group operator; tagged "exclude", so it is not
# shown with diff(1) by the changelist check.
./etc/dumpdates type=file mode=0664 gname=operator optional tags=exclude
./etc/ethers type=file mode=0644 optional
./etc/exports type=file mode=0644 optional
./etc/floppytab type=file mode=0644
./etc/fstab type=file mode=0644
./etc/ftpchroot type=file mode=0644
./etc/ftpd.conf type=file mode=0644 optional
./etc/ftpusers type=file mode=0644
./etc/ftpwelcome type=file mode=0644 optional
./etc/gateways type=file mode=0644 optional
./etc/gettytab type=file mode=0644
./etc/group type=file mode=0644
./etc/hesiod.conf type=file mode=0644 optional
./etc/hosts type=file mode=0644
./etc/hosts.allow type=file mode=0644 optional
./etc/hosts.deny type=file mode=0644 optional
# Host trust list: expected 0600, unlike the neighbouring 0644 files.
./etc/hosts.equiv type=file mode=0600 optional
./etc/hosts.lpd type=file mode=0644 optional
./etc/ifaliases type=file mode=0644 optional
./etc/inetd.conf type=file mode=0644
./etc/ipf.conf type=file mode=0644 optional
./etc/ipf6.conf type=file mode=0644 optional
./etc/ipnat.conf type=file mode=0644 optional
./etc/ipsec.conf type=file mode=0644 optional
./etc/kerberosIV type=dir mode=0755 ignore optional
./etc/ld.so.conf type=file mode=0644 optional
./etc/lkm.conf type=file mode=0644 optional
./etc/localtime type=link mode=0755
./etc/login.conf type=file mode=0644 optional
./etc/mail type=dir mode=0755
./etc/mail/aliases type=file mode=0644
./etc/mail/aliases.db type=file mode=0644 tags=exclude
./etc/mail/helpfile type=file mode=0444
./etc/mail/local-host-names type=file mode=0644 optional
./etc/mail/sendmail.cf type=file mode=0444
./etc/mail.rc type=file mode=0644
./etc/mailer.conf type=file mode=0644
./etc/man.conf type=file mode=0644
# Mode 0600 and "nodiff": per the header, a change is highlighted rather
# than displayed with diff(1).
./etc/master.passwd type=file mode=0600 tags=nodiff
./etc/mk.conf type=file mode=0644 optional
./etc/moduli type=file mode=0444
./etc/monthly type=file mode=0644
./etc/monthly.conf type=file mode=0644
./etc/monthly.local type=file mode=0644 optional
./etc/mrouted.conf type=file mode=0644
# This specification lists itself (read-only, 0444); the optional
# special.local is listed as 0644.
./etc/mtree type=dir mode=0755
./etc/mtree/special type=file mode=0444
./etc/mtree/special.local type=file mode=0644 optional
./etc/mygate type=file mode=0644 optional
./etc/myname type=file mode=0644 optional
./etc/named.conf type=file mode=0644 optional
./etc/namedb type=dir mode=0755
./etc/netconfig type=file mode=0644
./etc/netgroup type=file mode=0644 optional
./etc/netgroup.db type=file mode=0644 optional tags=exclude
./etc/netstart.local type=file mode=0644 optional
./etc/networks type=file mode=0644
./etc/newsyslog.conf type=file mode=0644
./etc/nsswitch.conf type=file mode=0644
./etc/ntp.conf type=file mode=0644 optional
./etc/passwd type=file mode=0644
./etc/passwd.conf type=file mode=0644 optional
./etc/phones type=file mode=0644
# The postfix entries repeat uname=root gname=wheel, the same values
# that /set already supplies.
./etc/postfix type=dir mode=0755 uname=root gname=wheel optional
./etc/postfix/main.cf type=file mode=0444 uname=root gname=wheel optional
./etc/postfix/master.cf type=file mode=0444 uname=root gname=wheel optional
./etc/postfix/postfix-script type=file mode=0555 uname=root gname=wheel optional
./etc/postinstall type=file mode=0555 optional
./etc/ppp type=dir mode=0755 optional
./etc/ppp/options type=file mode=0644 optional
./etc/printcap type=file mode=0644
./etc/profile type=file mode=0644
./etc/protocols type=file mode=0644
./etc/rbootd.conf type=file mode=0644 optional
./etc/rc type=file mode=0644
./etc/rc.conf type=file mode=0644
# rc.d scripts: all expected 0555 (read/execute only, no write bit), and
# none is marked optional, so a missing script is reported.
./etc/rc.d type=dir mode=0755
./etc/rc.d/DAEMON type=file mode=0555
./etc/rc.d/LOGIN type=file mode=0555
./etc/rc.d/NETWORKING type=file mode=0555
./etc/rc.d/SERVERS type=file mode=0555
./etc/rc.d/accounting type=file mode=0555
./etc/rc.d/altqd type=file mode=0555
./etc/rc.d/amd type=file mode=0555
./etc/rc.d/apmd type=file mode=0555
./etc/rc.d/bootconf.sh type=file mode=0555
./etc/rc.d/bootparams type=file mode=0555
./etc/rc.d/ccd type=file mode=0555
./etc/rc.d/cleartmp type=file mode=0555
./etc/rc.d/cron type=file mode=0555
./etc/rc.d/dhclient type=file mode=0555
./etc/rc.d/dhcpd type=file mode=0555
./etc/rc.d/dhcrelay type=file mode=0555
./etc/rc.d/dmesg type=file mode=0555
./etc/rc.d/downinterfaces type=file mode=0555
./etc/rc.d/fsck type=file mode=0555
./etc/rc.d/inetd type=file mode=0555
./etc/rc.d/ipfilter type=file mode=0555
./etc/rc.d/ipmon type=file mode=0555
./etc/rc.d/ipnat type=file mode=0555
./etc/rc.d/ipsec type=file mode=0555
./etc/rc.d/isdnd type=file mode=0555
./etc/rc.d/kdc type=file mode=0555
./etc/rc.d/ldconfig type=file mode=0555
./etc/rc.d/lkm1 type=file mode=0555
./etc/rc.d/lkm2 type=file mode=0555
./etc/rc.d/lkm3 type=file mode=0555
./etc/rc.d/local type=file mode=0555
./etc/rc.d/lpd type=file mode=0555
./etc/rc.d/mixerctl type=file mode=0555
./etc/rc.d/mopd type=file mode=0555
./etc/rc.d/motd type=file mode=0555
./etc/rc.d/mountall type=file mode=0555
./etc/rc.d/mountcritlocal type=file mode=0555
./etc/rc.d/mountcritremote type=file mode=0555
./etc/rc.d/mountd type=file mode=0555
./etc/rc.d/mrouted type=file mode=0555
./etc/rc.d/named type=file mode=0555
./etc/rc.d/ndbootd type=file mode=0555
./etc/rc.d/network type=file mode=0555
./etc/rc.d/newsyslog type=file mode=0555
./etc/rc.d/nfsd type=file mode=0555
./etc/rc.d/nfslocking type=file mode=0555
./etc/rc.d/ntpd type=file mode=0555
./etc/rc.d/ntpdate type=file mode=0555
./etc/rc.d/poffd type=file mode=0555
./etc/rc.d/postfix type=file mode=0555
./etc/rc.d/ppp type=file mode=0555
./etc/rc.d/pwcheck type=file mode=0555
./etc/rc.d/quota type=file mode=0555
./etc/rc.d/racoon type=file mode=0555
./etc/rc.d/raidframe type=file mode=0555
./etc/rc.d/raidframeparity type=file mode=0555
./etc/rc.d/rarpd type=file mode=0555
./etc/rc.d/rbootd type=file mode=0555
./etc/rc.d/root type=file mode=0555
./etc/rc.d/route6d type=file mode=0555
./etc/rc.d/routed type=file mode=0555
./etc/rc.d/rpcbind type=file mode=0555
./etc/rc.d/rtadvd type=file mode=0555
./etc/rc.d/rtsold type=file mode=0555
./etc/rc.d/rwho type=file mode=0555
./etc/rc.d/savecore type=file mode=0555
./etc/rc.d/screenblank type=file mode=0555
./etc/rc.d/securelevel type=file mode=0555
./etc/rc.d/sendmail type=file mode=0555
./etc/rc.d/sshd type=file mode=0555
./etc/rc.d/swap1 type=file mode=0555
./etc/rc.d/swap2 type=file mode=0555
./etc/rc.d/sysctl type=file mode=0555
./etc/rc.d/sysdb type=file mode=0555
./etc/rc.d/syslogd type=file mode=0555
./etc/rc.d/timed type=file mode=0555
./etc/rc.d/ttys type=file mode=0555
./etc/rc.d/virecover type=file mode=0555
./etc/rc.d/wdogctl type=file mode=0555
./etc/rc.d/wscons type=file mode=0555
./etc/rc.d/wsmoused type=file mode=0555
./etc/rc.d/xdm type=file mode=0555
./etc/rc.d/xfs type=file mode=0555
./etc/rc.d/ypbind type=file mode=0555
./etc/rc.d/yppasswdd type=file mode=0555
./etc/rc.d/ypserv type=file mode=0555
./etc/rc.lkm type=file mode=0644
./etc/rc.local type=file mode=0644 optional
./etc/rc.shutdown type=file mode=0644
./etc/rc.shutdown.local type=file mode=0644 optional
./etc/rc.subr type=file mode=0644
./etc/remote type=file mode=0644
./etc/resolv.conf type=file mode=0644 optional
./etc/rpc type=file mode=0644
./etc/rtadvd.conf type=file mode=0644 optional
./etc/security type=file mode=0644
./etc/security.conf type=file mode=0644
./etc/security.local type=file mode=0644 optional
./etc/services type=file mode=0644
./etc/shells type=file mode=0644
./etc/shosts.equiv type=file mode=0600 optional
# Mode 0600 and "exclude": not displayed with diff(1).
./etc/spwd.db type=file mode=0600 tags=exclude
# SSH host keys: each private key is 0600 and "nodiff" (a change is
# highlighted, its content is not diffed); the .pub halves are 0644 and
# untagged, so their changes are shown with diff(1).
./etc/ssh type=dir mode=0755 optional
./etc/ssh/ssh_config type=file mode=0644 optional
./etc/ssh/ssh_host_dsa_key type=file mode=0600 optional tags=nodiff
./etc/ssh/ssh_host_dsa_key.pub type=file mode=0644 optional
./etc/ssh/ssh_host_key type=file mode=0600 optional tags=nodiff
./etc/ssh/ssh_host_key.pub type=file mode=0644 optional
./etc/ssh/ssh_host_rsa_key type=file mode=0600 optional tags=nodiff
./etc/ssh/ssh_host_rsa_key.pub type=file mode=0644 optional
./etc/ssh/ssh_known_hosts type=file mode=0644 optional
./etc/ssh/ssh_known_hosts2 type=file mode=0644 optional
./etc/ssh/sshd_config type=file mode=0644 optional
./etc/sysctl.conf type=file mode=0644
./etc/syslog.conf type=file mode=0644
./etc/ttyaction type=file mode=0644 optional
./etc/ttys type=file mode=0644
./etc/usermgmt.conf type=file mode=0644 optional
./etc/weekly type=file mode=0644
./etc/weekly.conf type=file mode=0644
./etc/weekly.local type=file mode=0644 optional
./etc/wscons.conf type=file mode=0644

# root's home directory: remote-login trust files (.klogin, .rhosts,
# .shosts) and everything private under .ssh are expected 0600, and
# .ssh itself 0700.
./root type=dir mode=0755
./root/.cshrc type=file mode=0644
./root/.klogin type=file mode=0600 optional
./root/.login type=file mode=0644
./root/.profile type=file mode=0644
./root/.rhosts type=file mode=0600 optional
./root/.shosts type=file mode=0600 optional
./root/.ssh type=dir mode=0700 optional
./root/.ssh/authorized_keys type=file mode=0600 optional
./root/.ssh/authorized_keys2 type=file mode=0600 optional
./root/.ssh/config type=file mode=0644 optional
# Private keys carry "nodiff"; the matching .pub files do not.
./root/.ssh/id_dsa type=file mode=0600 optional tags=nodiff
./root/.ssh/id_dsa.pub type=file mode=0644 optional
./root/.ssh/id_rsa type=file mode=0600 optional tags=nodiff
./root/.ssh/id_rsa.pub type=file mode=0644 optional
./root/.ssh/identity type=file mode=0600 optional tags=nodiff
./root/.ssh/identity.pub type=file mode=0644 optional
./root/.ssh/known_hosts type=file mode=0644 optional
./root/.ssh/known_hosts2 type=file mode=0644 optional

# Binary and library directories are listed with "ignore": the directory's
# own type, mode and ownership are described here, but the files inside
# them are not covered by this specification.
./sbin type=dir mode=0755 ignore

./usr type=dir mode=0755
./usr/bin type=dir mode=0755 ignore
./usr/games type=dir mode=0755 optional
./usr/games/hide type=dir mode=0750 gname=games ignore optional
./usr/include type=dir mode=0755 ignore
./usr/lib type=dir mode=0755 ignore
./usr/libdata type=dir mode=0755 ignore
./usr/libexec type=dir mode=0755 ignore
./usr/local type=dir mode=0755
./usr/local/bin type=dir mode=0755 ignore
./usr/local/lib type=dir mode=0755 ignore
./usr/pkg type=dir mode=0755 ignore optional
./usr/sbin type=dir mode=0755 ignore
./usr/share type=dir mode=0755 ignore

# Logs, accounting and login records are tagged "exclude", so they are not
# shown with diff(1) by the changelist check.
./var type=dir mode=0755
./var/account type=dir mode=0755
./var/account/acct type=file mode=0644 optional tags=exclude
./var/at type=dir mode=0755 ignore
./var/backups type=dir mode=0755 ignore
./var/cron type=dir mode=0755
./var/cron/tabs type=dir mode=0700
./var/cron/tabs/root type=file mode=0600
./var/db type=dir mode=0755
./var/db/kvm.db type=file mode=0644 tags=exclude
./var/log type=dir mode=0755
./var/log/authlog type=file mode=0600 optional tags=exclude
./var/log/wtmp type=file mode=0644 tags=exclude
./var/log/wtmpx type=file mode=0644 tags=exclude
# Mode 1777: world-writable with the sticky bit set.
./var/mail type=dir mode=1777 ignore
./var/preserve type=dir mode=0755 ignore
./var/run type=dir mode=0755
./var/run/utmp type=file mode=0664 gname=utmp tags=exclude
./var/run/utmpx type=file mode=0664 gname=utmp tags=exclude
./var/spool type=dir mode=0755
# FTP area under /var/spool/ftp; every entry is optional.
./var/spool/ftp type=dir mode=0755 optional
./var/spool/ftp/bin type=dir mode=0755 optional
./var/spool/ftp/bin/ls type=file mode=0555 optional
./var/spool/ftp/etc type=dir mode=0755 optional
./var/spool/ftp/etc/group type=file mode=0644 optional
./var/spool/ftp/etc/localtime type=file mode=0644 optional
# NOTE(review): unlike ./etc/master.passwd this entry has no "nodiff" tag,
# so per the header its changes are displayed with diff(1) when
# $check_changelist is enabled - confirm that is intended.
./var/spool/ftp/etc/master.passwd type=file mode=0600 optional
./var/spool/ftp/etc/passwd type=file mode=0644 optional
# Mode 0111: execute (search) permission only, no read or write bits.
./var/spool/ftp/hidden type=dir mode=0111 ignore optional
# Mode 0775: group-writable.
./var/spool/ftp/pub type=dir mode=0775 ignore optional
./var/spool/mqueue type=dir mode=0755 ignore
./var/spool/output type=dir mode=0755 ignore
# The uucp directories override the /set defaults with uname=uucp
# gname=daemon; uucppublic is 1777 (world-writable, sticky).
./var/spool/uucp type=dir mode=0755 uname=uucp gname=daemon ignore optional
./var/spool/uucppublic type=dir mode=1777 uname=uucp gname=daemon ignore optional
./var/yp type=dir mode=0755
./var/yp/Makefile type=file mode=0644 optional