| Re: [chrony-users] Chrony permissions question. |
[ Thread Index |
Date Index
| More chrony.tuxfamily.org/chrony-users Archives
]
- To: "chrony-users@xxxxxxxxxxxxxxxxxxxx" <chrony-users@xxxxxxxxxxxxxxxxxxxx>
- Subject: Re: [chrony-users] Chrony permissions question.
- From: "Kohr, Alexander" <Alexander.Kohr@xxxxxxxxxxxxxxx>
- Date: Thu, 2 Jan 2020 17:03:39 +0000
- Accept-language: en-US
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 155.247.195.53) smtp.rcpttodomain=chrony.tuxfamily.org smtp.mailfrom=tuhs.temple.edu; dmarc=bestguesspass action=none header.from=tuhs.temple.edu; dkim=none (message not signed); arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0RheCRJ6fXBt78Fh6bSx/pFYJAnBQj7fnUeA7KtJ/oQ=; b=hofBnGbKz4fmo65wsdPQI8IaXeSrm3QeWbZtJs1eHYzyC8tG7RaXChU1Qe3AUNWrtvT0DuGbBzqJjFTC4xbKOFmGzJUrq1kLAP4C84xaWLQXULwnOAeQixN58TI+MvqDAyXs8j6XRZMiQgpNOuys9wgVb8721sW67jR3OHhmpUgO5JflgDvAa/yWaF3xYRQ0zYdq/5hzBNKqymRUHtjcLLOzGoDKeKlotSHY+iemaBvLlgTuwuSSXoATiLXvCEU0ly6T1to7qwzYoF1J3tL7XE1cRLX6gzeQGs593YbNkodPJ+kQl/AGmc3h5PiwScUKZgUqEijzghm9NyePMON9MQ==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jAYnsEQ7kvxersfV8Dq3NqGVXV8HJm3Iu9C4huyaAYbZYSYnrulmwIlEQWhUYMLW5L/+CtU1AlMoJTCe+mXRW0N8QnlLCOWsCWHMUO3qCpT+Lo5vR7lY7dWH/0EAQnSRE8eIMJsnM6QdFFQn3j5El4L74ED8ygZ4xWIbgBS53Dq1ll5WGm3eB4dCS0cyPuCiq6j3Mzd3gp+40FPjVh9R2c7w8i3S3tW7DGLQAquioRhxGrdRRmpIDz1+Ln2XTuqgyt+wUpTZGB54TYz99U2Q7/TXmldY0SsAVhEW+zb5O6IHYTtCeOWaOvkyyawHvOwoEgfm4da/qNUQOXApCZUkSQ==
- Authentication-results: spf=pass (sender IP is 155.247.195.53) smtp.mailfrom=tuhs.temple.edu; chrony.tuxfamily.org; dkim=none (message not signed) header.d=none;chrony.tuxfamily.org; dmarc=bestguesspass action=none header.from=tuhs.temple.edu;
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tuhs.onmicrosoft.com; s=selector2-tuhs-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0RheCRJ6fXBt78Fh6bSx/pFYJAnBQj7fnUeA7KtJ/oQ=; b=m9vF+Rag4s2ufZdRkZJi8baHyE79A6sPisbf5b1XHYzYZ+wdAc4jNcARskuEdEvViNXO+sKj8VmCbHKQqa1a0DsgvSpV7rJoQgyd3p/9XeeaBuup4g2YrrGAJiY4ZswfO8sFa1LHuvKl/+Zb3UTWEQeu4Eo/k2iMBMWvXR7QW20=
- Thread-index: AdW3TowqzGQDowVzT/WQR79yPSPoZAKIxUwAAAc8syo=
- Thread-topic: [chrony-users] Chrony permissions question.
Thank you. I’ll tell them to look into updating there their tools reports to exclude this directory.
Sent from my iPhone
> On Jan 2, 2020, at 3:36 AM, Miroslav Lichvar <mlichvar@xxxxxxxxxx> wrote:
>
> EXTERNAL MESSAGE. DO NOT open attachments or click links from unknown senders or unknown emails.
> ________________________________
>
>
>> On Fri, Dec 20, 2019 at 04:30:52PM +0000, Kohr, Alexander wrote:
>> I know in RHEL 7 the default location of the drift file sis the home directory of /var/lib/chrony. (I also know it is the recommended location for some other files if they are enabled in the chrony configuration.)
>> Is there a reasons that the chrony home directory is /var/lib/chrony instead of something else, that does not contain the drift file?
>
> The package contains just two directories, /var/lib/chrony and
> /var/log/chrony. The former seems like a better "home" directory to
> me. When I look in /etc/passwd, there are quite a few other daemons
> that have a home directory in /var/lib. If it was changed to /, it
> would still be readable by everyone.
>
>> If so is there a reason that the chrony home directory permission are 755 instead of 750 or 700?
>
> The reason is that it contains files that could be useful to all users
> of the system, e.g. to read the drift of the system clock, or see that
> the daemon is still working.
>
> --
> Miroslav Lichvar
>
>
> --
> To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
> with "unsubscribe" in the subject.
> For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
> with "help" in the subject.
> Trouble? Email listmaster@xxxxxxxxxxxxxxxxxxxx.
>
________________________________
This electronic message is intended to be for the use of the named recipient, and may contain information that is confidential or privileged. This communication may contain protected health information (PHI) that is legally protected from inappropriate disclosure by the Privacy Standards of the Health Insurance Portability and Accountability Act (HIPAA) and relevant Pennsylvania Laws. You can direct questions concerning PHI or HIPAA to the Corporate Compliance and Privacy Officer at (215) 707-5605. If you are not the intended recipient, please note that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this message in error, you should notify the sender immediately by telephone or by return e-mail and delete and destroy all copies of this message.
N������y隊W!����������n���\���"�������z)�.n7��Z+��f����|�������'��}���*+�������)�.n7��:蹹^�f��X��f����'��}���*+