Re: /usr/bin/login patch question

From: Cy Schubert - ITSD Open Systems Group (Cy.Schubert@uumail.gov.bc.ca)
Date: 12/31/01


From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
To: "Peter L. Ashford" <ashford@SDSC.EDU>
Date: Mon, 31 Dec 2001 11:25:44 -0800

In message <Pine.SGI.4.30.0112311049320.1067-100000@wizard.sdsc.edu>,
"Peter L.
 Ashford" writes:
> The 'chmod' command does not change the modification time of the inode.
> This is also true for other, similar, commands ('chown', 'chgrp', etc.).
> That time is only changed when a write to the file is performed. There is
> a field in the inode ('ic_ctime') that should be updated when a 'chmod'
> command is executed. This information can be accessed with the '-c'
> option of 'ls'. I don't know how you could change Tripwire to do this,
> but it seems to me that it would be useful.

Ctime is not what it seems. Veritas NetBackup, for example,will by
default reset atime to what it was prior to a file being backed up,
causing ctime to be altered. This is definitely a nuisance, sometimes
even a show stopper, when performing forensic analysis after an event.

As you said this also affects tripwire. You an alter tripwire's policy
file to ignore ctime.

Regards, Phone: (250)387-8437
Cy Schubert Fax: (250)387-5766
Team Leader, Sun/Alpha Team Email: Cy.Schubert@osg.gov.bc.ca
Open Systems Group, ITSD
Ministry of Management Services
Province of BC
                    FreeBSD UNIX: cy@FreeBSD.org



Relevant Pages

  • coreutils-5.94 released [stable]
    ... [basename cat chgrp chmod chown chroot cksum comm cp csplit cut date dd ... If that command fails because you don't have the required public key, ...
    (gnu.announce)
  • Re: inode table
    ... The inode table can only be manipulated by a kernel ... and the left and right arrow keys to edit the command. ... ''; it redirects standard input. ... though one can always use 'cat', ...
    (comp.os.linux.setup)
  • Re: functional differences between cp and mv
    ... Your daemon will still be writing to the ... restart logging to grab the new inode of your newly created trace.log file. ... thus having the process continue to write entries to the old original ... When using the web based GUI admin console or the command line admin ...
    (comp.unix.admin)
  • Re: Hard to believe but...
    ... the config file is written, I need to run some update routine or something, ... a list of command, but not much explanation (the kind that's suppose to ... chmod 777 is your friend. ...
    (rec.games.computer.ultima.dragons)
  • Re: How to set file attributes
    ... file with an editor, the cat command, or the touch command (see 'man ... File permissions are set with the chmod command. ... web server process, and that may not be your own user id. ...
    (comp.lang.perl.misc)