[KLUG Members] RCS help

Bob Kanaley members@kalamazoolinux.org
Tue, 5 Nov 2002 12:35:07 -0500

Previous message: [KLUG Members] Centralized authentication w/NIS Samba and LDAP
Next message: [KLUG Members] RCS help
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Bruce et al.,

Your posts about using RCS to track your configuration files changes
inspired me to work more diligently at tracking my configuration file
changes. RCS works great for files in /etc that are typically owned by root,
but I still find it awkward to maintain my config RCS files when the config
files have to be owned by non-shell accounts used for chrooted services like
DNS and Postfix.

<rant/ I know that the current versions of BIND drop privileges after
startup (as does Postfix), but I still like to run services chrooted
whenever I can. Call me a paranoid system administrator, but as far as I am
concerned, running chrooted services is just one more level of security. I
got burned once when I missed an upgrade from BIND 8.2.2 to 8.2.3 by a
couple of weeks. I don’t want anything like that to ever happen again. /end
rant>

Because the chroot account is a non-privileged, non-shell account, I have to
edit the configuration files as root. Then, as root, I have to check the
edited files back into RCS with a co -l. RCS complains that root doesn’t own
the files, and asks if I want to take ownership. If I take ownership, I can
log the changes in, but then I have to chown the config file and the rcs,v
file back to the chroot account.

Am I missing something simple here? Are there any easy solutions to managing
these non-shell accounts, or am I really asking RCS to do something it is
not designed to do?

Bob


Robert V. Kanaley
Manager Information Systems
Agdia, Inc.
rvk@agdia.com
http://www.agdia.com

Previous message: [KLUG Members] Centralized authentication w/NIS Samba and LDAP
Next message: [KLUG Members] RCS help
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]