diff options
| author | Dru Lavigne <dru@FreeBSD.org> | 2014-03-31 15:03:21 +0000 |
|---|---|---|
| committer | Dru Lavigne <dru@FreeBSD.org> | 2014-03-31 15:03:21 +0000 |
| commit | 38bc8da495bcb8476328afb396daea226b004cc4 (patch) | |
| tree | cba729bcbbe0ff0183c575117754217489abf8e3 /en_US.ISO8859-1/books/handbook/mac/chapter.xml | |
| parent | 3b7ece0cf2561a51d433b9b12935f3bfeda9455e (diff) | |
| download | doc-38bc8da495bcb8476328afb396daea226b004cc4.tar.gz doc-38bc8da495bcb8476328afb396daea226b004cc4.zip | |
As per discussion with trhodes, update Nagios example with the
less verbose example suggested in PR148984.
Sponsored by: iXsystems
Notes
Notes:
svn path=/head/; revision=44397
Diffstat (limited to 'en_US.ISO8859-1/books/handbook/mac/chapter.xml')
| -rw-r--r-- | en_US.ISO8859-1/books/handbook/mac/chapter.xml | 27 |
1 files changed, 9 insertions, 18 deletions
diff --git a/en_US.ISO8859-1/books/handbook/mac/chapter.xml b/en_US.ISO8859-1/books/handbook/mac/chapter.xml index 58fe4b9183..b33b4f1c87 100644 --- a/en_US.ISO8859-1/books/handbook/mac/chapter.xml +++ b/en_US.ISO8859-1/books/handbook/mac/chapter.xml @@ -1463,37 +1463,28 @@ mac_seeotheruids_load="YES"</programlisting> <programlisting># This is the default BIBA policy for this system. # System: -/var/run biba/equal -/var/run/* biba/equal +/var/run(/.*)? biba/equal -/dev biba/equal -/dev/* biba/equal +/dev/(/.*)? biba/equal /var biba/equal -/var/spool biba/equal -/var/spool/* biba/equal +/var/spool(/.*)? biba/equal -/var/log biba/equal -/var/log/* biba/equal +/var/log(/.*)? biba/equal -/tmp biba/equal -/tmp/* biba/equal -/var/tmp biba/equal -/var/tmp/* biba/equal +/tmp(/.*)? biba/equal +/var/tmp(/.*)? biba/equal /var/spool/mqueue biba/equal /var/spool/clientmqueue biba/equal # For Nagios: -/usr/local/etc/nagios -/usr/local/etc/nagios/* biba/10 +/usr/local/etc/nagios(/.*)? biba/10 -/var/spool/nagios biba/10 -/var/spool/nagios/* biba/10 +/var/spool/nagios(/.*)? biba/10 # For apache -/usr/local/etc/apache biba/10 -/usr/local/etc/apache/* biba/10</programlisting> +/usr/local/etc/apache(/.*)? biba/10</programlisting> <para>This policy enforces security by setting restrictions on the flow of information. In this specific configuration, |