mirror of
https://github.com/Kicksecure/security-misc.git
synced 2025-05-02 08:26:01 -04:00
move /usr/lib/security-misc to /usr/libexec/security-misc as per lintian FHS
This commit is contained in:
Patrick Schleizer
parent
4fadaad8c0
commit
50bdd097df
20 changed files with 57 additions and 57 deletions
|
|
@ -12,7 +12,7 @@ true "PAM_SERVICE: $PAM_SERVICE"
|
|||
if [ "$PAM_SERVICE" = "login" ]; then
|
||||
## FIXME:
|
||||
## Creates unwanted journal log entry.
|
||||
## pam_exec(login:account): /usr/lib/security-misc/pam_only_if_login failed: exit code 1
|
||||
## pam_exec(login:account): /usr/libexec/security-misc/pam_only_if_login failed: exit code 1
|
||||
exit 1
|
||||
else
|
||||
## exit success so [success=1 default=ignore] will result in skipping the
|
||||
|
|
|
|||
|
|
@ -37,6 +37,6 @@ done
|
|||
## next PAM module (the pam_tally2 module).
|
||||
##
|
||||
## Causes confusing error message:
|
||||
## pam_exec(sudo:auth): /usr/lib/security-misc/pam_tally2_not_if_x failed: exit code 1
|
||||
## pam_exec(sudo:auth): /usr/libexec/security-misc/pam_tally2_not_if_x failed: exit code 1
|
||||
## https://github.com/linux-pam/linux-pam/issues/329
|
||||
exit 1
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@
|
|||
## meld /var/lib/permission-hardening/existing_mode/statoverride /var/lib/permission-hardening/new_mode/statoverride
|
||||
|
||||
## To undo:
|
||||
## sudo /usr/lib/security-misc/permission-hardening-undo
|
||||
## sudo /usr/libexec/security-misc/permission-hardening-undo
|
||||
|
||||
#set -x
|
||||
set -e
|
||||
|
|
|
|||
|
|
@ -4,32 +4,32 @@
|
|||
## See the file COPYING for copying conditions.
|
||||
|
||||
## Doing this for all users would create many issues.
|
||||
# /usr/lib/security-misc/permission-lockdown: user: root | chmod o-rwx "/root"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: daemon | chmod o-rwx "/usr/sbin"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: bin | chmod o-rwx "/bin"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: sys | chmod o-rwx "/dev"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: sync | chmod o-rwx "/bin"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: games | chmod o-rwx "/usr/games"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: man | chmod o-rwx "/var/cache/man"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: mail | chmod o-rwx "/var/mail"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: proxy | chmod o-rwx "/bin"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: backup | chmod o-rwx "/var/backups"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: systemd-timesync | chmod o-rwx "/run/systemd"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: systemd-network | chmod o-rwx "/run/systemd/netif"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: messagebus | chmod o-rwx "/var/run/dbus"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: tinyproxy | chmod o-rwx "/run/tinyproxy"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: rtkit | chmod o-rwx "/proc"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: colord | chmod o-rwx "/var/lib/colord"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: Debian-exim | chmod o-rwx "/var/spool/exim4"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: debian-tor | chmod o-rwx "/var/lib/tor"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: stunnel4 | chmod o-rwx "/var/run/stunnel4"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: iodine | chmod o-rwx "/var/run/iodine"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: apt-cacher-ng | chmod o-rwx "/var/cache/apt-cacher-ng"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: statd | chmod o-rwx "/var/lib/nfs"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: timidity | chmod o-rwx "/etc/timidity"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: uuidd | chmod o-rwx "/run/uuidd"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: _rpc | chmod o-rwx "/run/rpcbind"
|
||||
# /usr/lib/security-misc/permission-lockdown: user: geoclue | chmod o-rwx "/var/lib/geoclue"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: root | chmod o-rwx "/root"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: daemon | chmod o-rwx "/usr/sbin"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: bin | chmod o-rwx "/bin"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: sys | chmod o-rwx "/dev"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: sync | chmod o-rwx "/bin"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: games | chmod o-rwx "/usr/games"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: man | chmod o-rwx "/var/cache/man"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: mail | chmod o-rwx "/var/mail"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: proxy | chmod o-rwx "/bin"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: backup | chmod o-rwx "/var/backups"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: systemd-timesync | chmod o-rwx "/run/systemd"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: systemd-network | chmod o-rwx "/run/systemd/netif"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: messagebus | chmod o-rwx "/var/run/dbus"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: tinyproxy | chmod o-rwx "/run/tinyproxy"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: rtkit | chmod o-rwx "/proc"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: colord | chmod o-rwx "/var/lib/colord"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: Debian-exim | chmod o-rwx "/var/spool/exim4"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: debian-tor | chmod o-rwx "/var/lib/tor"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: stunnel4 | chmod o-rwx "/var/run/stunnel4"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: iodine | chmod o-rwx "/var/run/iodine"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: apt-cacher-ng | chmod o-rwx "/var/cache/apt-cacher-ng"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: statd | chmod o-rwx "/var/lib/nfs"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: timidity | chmod o-rwx "/etc/timidity"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: uuidd | chmod o-rwx "/run/uuidd"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: _rpc | chmod o-rwx "/run/rpcbind"
|
||||
# /usr/libexec/security-misc/permission-lockdown: user: geoclue | chmod o-rwx "/var/lib/geoclue"
|
||||
|
||||
home_folder_access_rights_lockdown() {
|
||||
shopt -s nullglob
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue