Daily Security is compiling about my backup drive
Matthew Seaman
matthew at FreeBSD.org
Tue Jun 11 12:57:02 UTC 2019
On 11/06/2019 13:36, @lbutlr wrote:
> On May 31, 2019, at 6:09 AM, @lbutlr <kremels at kreme.com> wrote:
>> The Daily Security update email that FreeBS generates is reporting a lot of error on my /mnt/backup drive (like setuid errors). Is there a way to let the periodic process ignore this mount point?
>
> I’ve been looking for information on how to do this, and have come up empty.
>
> It’s about 1000 lines every day.
>
> /etc/periodic/security/100.chksetuid is the file that runs the check, but I am hesitant to edit the file.
>
> I can disable the check entirely
>
> /etc/defaults/periodic.conf:security_status_chksetuid_enable=“YES"
>
> But I only want to exclude /mnt/backup from the check. It appears the only thing I could do is exclude /usr/local/bin from my backups (which I can’t do as many of those executables are custom local binaries and scripts) or to edit the 100.chksetuid file and set $MP manually.
>
If you mount your backup drive nosuid then 100.chksetuid will ignore it.
IIRC you can still set the suid bit on a file, but mounting the
filesystem nosuid means it will have no effect.
Cheers,
Matthew
More information about the freebsd-questions
mailing list