Last change
on this file since 2773 was
2293,
checked in by ezyang, 12 years ago
|
File capabilities respect nosuid too (https://github.com/torvalds/linux/blob/v3.5/security/commoncap.c#L434), so omit /var/lib/mock fscap files too.
|
File size:
257 bytes
|
Line | |
---|
1 | MAILTO=scripts-root@mit.edu |
---|
2 | 27 5 * * * root find / -xdev -not -perm -o=x -prune -o -type f -print0 | xargs -0r /usr/sbin/getcap | cut -d' ' -f1 | grep -Fxvf /etc/scripts/allowed-filecaps.list | grep -ve ^/var/lib/mock/ | sed 's/^/Extra file_caps binary: /' |
---|
Note: See
TracBrowser
for help on using the repository browser.