# Sample config file for Apollos. # IMPORTANT: The permissions on Apollos, as freshly installed, # are a total disaster as far as security is concerned. If you # care about security, get hold of some scripts I have # available for anonymous FTP from maths.su.oz.au in directory # protect (and also mirror sites, notably ftp.eb.ele.tue.nl). # Also note that tripwire does not understand the intricacies # of Apollo ACLs (initial file/directory ACLs, extended ACLs, # permissions for organizations, subsystem managers: # 'subsystem login manager' is better than 'setuid root'). # Try to include everything, except what we know changes on a # running system, and things that would make tripwire hang or # bomb (or hang the node). Or you may want # +pugs15-inamc02346789 (and +pug-insamc0123456789) so you can # use the same database file on all nodes (??!!). / +pinugsmc15-a02346789 /bsd4.3/usr/lib/sendmail.st +pinug-samc0123456789 !/etc/gated.pid R !/etc/gated.version R /etc/group +pinug-samc0123456789 /etc/org +pinug-samc0123456789 /etc/passwd +pinug-samc0123456789 !/etc/sendmail.pid R =/install +pinug-samc0123456789 /lost+found.list +pinug-samc0123456789 !/sys/ns/helper_data/ns_helper.db R !/sys/ns/helper_data/ns_helper.prop R !/sys/registry/rgy_data R /sys/registry/rgy_local +pinug-samc0123456789 /sys/registry/rgy_local.bak +pinug-samc0123456789 =/usr/spool/mqueue +pinug-samc0123456789 # Remember to repeat the node_data block for all diskless # nodes (i.e. all node_data.nnnnn trees). /sys/node_data/dev/crp00 +pinug-samc0123456789 /sys/node_data/dev/crp01 +pinug-samc0123456789 /sys/node_data/dev/crp02 +pinug-samc0123456789 /sys/node_data/dev/crp03 +pinug-samc0123456789 /sys/node_data/dev/crp04 +pinug-samc0123456789 /sys/node_data/dev/crp05 +pinug-samc0123456789 /sys/node_data/dev/crp06 +pinug-samc0123456789 /sys/node_data/dev/crp07 +pinug-samc0123456789 /sys/node_data/dev/crp08 +pinug-samc0123456789 /sys/node_data/dev/crp09 +pinug-samc0123456789 /sys/node_data/dev/crp10 +pinug-samc0123456789 /sys/node_data/dev/crp11 +pinug-samc0123456789 /sys/node_data/dev/crp12 +pinug-samc0123456789 /sys/node_data/dev/crp13 +pinug-samc0123456789 /sys/node_data/dev/crp14 +pinug-samc0123456789 /sys/node_data/dev/crp15 +pinug-samc0123456789 !/sys/node_data/dpci1_trace1 R !/sys/node_data/dpci1_trace2 R !/sys/node_data/dpci1_trace3 R !/sys/node_data/dpci1_xpombx1 R !/sys/node_data/dpci1_xpombx2 R !/sys/node_data/dpci1_xpombx3 R !/sys/node_data/dpci_dump_log R !/sys/node_data/dpcinet_trace0 R !/sys/node_data/dpcinet_trace1 R !/sys/node_data/dpcinet_trace2 R !/sys/node_data/dpcinet_trace3 R !/sys/node_data/dpcinet_trace4 R !/sys/node_data/dpcinet_xpombx R !/sys/node_data/dpcipcc_server0 R !/sys/node_data/dpcipcc_server_trace0 R !/sys/node_data/dpcipcc_trace0 R !/sys/node_data/dpcipcc_xpombx R /sys/node_data/etc/.rgyloc +pinug-samc0123456789 /sys/node_data/etc/fstab +pinug-samc0123456789 /sys/node_data/etc/mnttab +pinug-samc0123456789 !/sys/node_data/etc/named.pid R !/sys/node_data/etc/syslog.pid R /sys/node_data/etc/utmp +pinug-samc0123456789 !/sys/node_data/glb.d R !/sys/node_data/glb.r R !/sys/node_data/hint_file R /sys/node_data/ipc_data +pinug-samc0123456789 !/sys/node_data/os_paging_file R =/sys/node_data/paste_buffers +pinug-samc0123456789 =/sys/node_data/proc_dir +pinug-samc0123456789 =/sys/node_data/system_logs +pinug-samc0123456789 =/sys/node_data/systmp +pinug-samc0123456789 =/sys/node_data/tmp +pinug-samc0123456789 =/sys/node_data/usrtmp +pinug-samc0123456789