>>>>> The moving finger of Randy Mikesell, having written: Randy> Be careful on what you suggest. The last I heard, even Sun does not Randy> recommend that you run ASET in high. I know of more than one box that Randy> was trashed because the SA set ASET to high. It is a long and painfull Randy> process to restore the system after ASET is finished with it. It may be Randy> better to keep up on the patches and run scripts or other tools to keep Randy> track of the permissions. I highly recommend cfengine (GNU software) to set owner/group/permissions for such things. We've been using cfengine to "repair" vendor file permissions for over a year, as well as install all kinds of extra software, such as Kerberos, SSH, logdaemon, tcp_wrappers, etc. A find followed by a cfengine run is a good idea. Letting cfengine run every morning and at every re-boot is a Great Idea. A self-healing installation. -- Tom E. Perrine (tepat_private) | San Diego Supercomputer Center http://www.sdsc.edu/~tep/ | Voice: +1.619.534.5000 I miss my 36-bit friends: Multics, TOPS-10, and TOPS-20.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:38:51 PDT