diff --git a/Shorewall/install.sh b/Shorewall/install.sh index 537edd434..3cdf5a8bf 100755 --- a/Shorewall/install.sh +++ b/Shorewall/install.sh @@ -249,10 +249,6 @@ echo "Shorewall script installed in ${PREFIX}${DEST}/$INIT" mkdir -p ${PREFIX}/etc/shorewall mkdir -p ${PREFIX}/usr/share/shorewall mkdir -p ${PREFIX}/var/lib/shorewall - -chmod 755 ${PREFIX}/etc/shorewall -chmod 755 ${PREFIX}/usr/share/shorewall - # # Install the config file # @@ -553,7 +549,7 @@ fi # # Install the Standard Actions file # -install_file actions.std ${PREFIX}/usr/share/shorewall/actions.std 0644 +install_file actions.std ${PREFIX}/usr/share/shorewall/actions.std 0600 echo echo "Standard actions file installed as ${PREFIX}/etc/shorewall/actions.std" @@ -561,7 +557,7 @@ echo "Standard actions file installed as ${PREFIX}/etc/shorewall/actions.std" # Install the Actions file # if [ ! -f ${PREFIX}/etc/shorewall/actions ]; then - run_install $OWNERSHIP -m 0644 actions ${PREFIX}/etc/shorewall/actions + run_install $OWNERSHIP -m 0600 actions ${PREFIX}/etc/shorewall/actions echo echo "Actions file installed as ${PREFIX}/etc/shorewall/actions" fi @@ -577,7 +573,7 @@ echo "Makefile installed as ${PREFIX}/etc/shorewall/Makefile" # Install the Action files # for f in action.* ; do - install_file $f ${PREFIX}/usr/share/shorewall/$f 0644 + install_file $f ${PREFIX}/usr/share/shorewall/$f 0600 echo echo "Action ${f#*.} file installed as ${PREFIX}/usr/share/shorewall/$f" done @@ -588,7 +584,7 @@ echo "Limit action extension script installed as ${PREFIX}/usr/share/shorewall/L # Install the Macro files # for f in macro.* ; do - install_file $f ${PREFIX}/usr/share/shorewall/$f 0644 + install_file $f ${PREFIX}/usr/share/shorewall/$f 0600 echo echo "Macro ${f#*.} file installed as ${PREFIX}/usr/share/shorewall/$f" done @@ -596,7 +592,7 @@ done # Install the program skeleton files # for f in prog.* ; do - install_file $f ${PREFIX}/usr/share/shorewall/$f 0644 + install_file $f ${PREFIX}/usr/share/shorewall/$f 0600 echo echo "Program skeleton file ${f#*.} installed as ${PREFIX}/usr/share/shorewall/$f" done diff --git a/Shorewall/shorewall.spec b/Shorewall/shorewall.spec index 9943bf724..ef310f2f1 100644 --- a/Shorewall/shorewall.spec +++ b/Shorewall/shorewall.spec @@ -67,7 +67,7 @@ fi %attr(0700,root,root) %dir /etc/shorewall %attr(0700,root,root) %dir /usr/share/shorewall %attr(0700,root,root) %dir /var/lib/shorewall -%attr(0644,root,root) %config(noreplace) /etc/shorewall/shorewall.conf +%attr(0600,root,root) %config(noreplace) /etc/shorewall/shorewall.conf %attr(0600,root,root) %config(noreplace) /etc/shorewall/zones %attr(0600,root,root) %config(noreplace) /etc/shorewall/policy %attr(0600,root,root) %config(noreplace) /etc/shorewall/interfaces @@ -101,71 +101,69 @@ fi %attr(0600,root,root) %config(noreplace) /etc/shorewall/tcdevices %attr(0600,root,root) %config(noreplace) /etc/shorewall/Makefile -%attr(0555,root,root) /sbin/shorewall +%attr(0544,root,root) /sbin/shorewall -%attr(0644,root,root) /usr/share/shorewall/version -%attr(0644,root,root) /usr/share/shorewall/actions.std -%attr(0644,root,root) /usr/share/shorewall/action.Drop -%attr(0644,root,root) /usr/share/shorewall/action.Limit -%attr(0644,root,root) /usr/share/shorewall/action.Reject -%attr(0644,root,root) /usr/share/shorewall/action.template +%attr(0600,root,root) /usr/share/shorewall/version +%attr(0600,root,root) /usr/share/shorewall/actions.std +%attr(0600,root,root) /usr/share/shorewall/action.Drop +%attr(0600,root,root) /usr/share/shorewall/action.Limit +%attr(0600,root,root) /usr/share/shorewall/action.Reject +%attr(0600,root,root) /usr/share/shorewall/action.template %attr(0444,root,root) /usr/share/shorewall/functions %attr(0544,root,root) /usr/share/shorewall/firewall %attr(0544,root,root) /usr/share/shorewall/help -%attr(0644,root,root) /usr/share/shorewall/Limit -%attr(0644,root,root) /usr/share/shorewall/macro.AllowICMPs -%attr(0644,root,root) /usr/share/shorewall/macro.Amanda -%attr(0644,root,root) /usr/share/shorewall/macro.Auth -%attr(0644,root,root) /usr/share/shorewall/macro.BitTorrent -%attr(0644,root,root) /usr/share/shorewall/macro.CVS -%attr(0644,root,root) /usr/share/shorewall/macro.Distcc -%attr(0644,root,root) /usr/share/shorewall/macro.DNS -%attr(0644,root,root) /usr/share/shorewall/macro.DropDNSrep -%attr(0644,root,root) /usr/share/shorewall/macro.DropUPnP -%attr(0644,root,root) /usr/share/shorewall/macro.Edonkey -%attr(0644,root,root) /usr/share/shorewall/macro.FTP -%attr(0644,root,root) /usr/share/shorewall/macro.Gnutella -%attr(0644,root,root) /usr/share/shorewall/macro.ICQ -%attr(0644,root,root) /usr/share/shorewall/macro.IMAP -%attr(0644,root,root) /usr/share/shorewall/macro.LDAP -%attr(0644,root,root) /usr/share/shorewall/macro.MySQL -%attr(0644,root,root) /usr/share/shorewall/macro.NNTP -%attr(0644,root,root) /usr/share/shorewall/macro.NTP -%attr(0644,root,root) /usr/share/shorewall/macro.NTPbrd -%attr(0644,root,root) /usr/share/shorewall/macro.PCA -%attr(0644,root,root) /usr/share/shorewall/macro.Ping -%attr(0644,root,root) /usr/share/shorewall/macro.POP3 -%attr(0644,root,root) /usr/share/shorewall/macro.PostgreSQL -%attr(0644,root,root) /usr/share/shorewall/macro.Rdate -%attr(0644,root,root) /usr/share/shorewall/macro.Rsync -%attr(0644,root,root) /usr/share/shorewall/macro.SMB -%attr(0644,root,root) /usr/share/shorewall/macro.SMBswat -%attr(0644,root,root) /usr/share/shorewall/macro.SMTP -%attr(0644,root,root) /usr/share/shorewall/macro.SNMP -%attr(0644,root,root) /usr/share/shorewall/macro.SPAMD -%attr(0644,root,root) /usr/share/shorewall/macro.SSH -%attr(0644,root,root) /usr/share/shorewall/macro.Submission -%attr(0644,root,root) /usr/share/shorewall/macro.SVN -%attr(0644,root,root) /usr/share/shorewall/macro.Syslog -%attr(0644,root,root) /usr/share/shorewall/macro.Telnet -%attr(0644,root,root) /usr/share/shorewall/macro.template -%attr(0644,root,root) /usr/share/shorewall/macro.Trcrt -%attr(0644,root,root) /usr/share/shorewall/macro.VNC -%attr(0644,root,root) /usr/share/shorewall/macro.VNCL -%attr(0644,root,root) /usr/share/shorewall/macro.Web -%attr(0644,root,root) /usr/share/shorewall/macro.Webmin -%attr(0644,root,root) /usr/share/shorewall/prog.footer -%attr(0644,root,root) /usr/share/shorewall/prog.header -%attr(0644,root,root) /usr/share/shorewall/rfc1918 -%attr(0644,root,root) /usr/share/shorewall/configpath +%attr(0600,root,root) /usr/share/shorewall/Limit +%attr(0600,root,root) /usr/share/shorewall/macro.AllowICMPs +%attr(0600,root,root) /usr/share/shorewall/macro.Amanda +%attr(0600,root,root) /usr/share/shorewall/macro.Auth +%attr(0600,root,root) /usr/share/shorewall/macro.BitTorrent +%attr(0600,root,root) /usr/share/shorewall/macro.CVS +%attr(0600,root,root) /usr/share/shorewall/macro.Distcc +%attr(0600,root,root) /usr/share/shorewall/macro.DNS +%attr(0600,root,root) /usr/share/shorewall/macro.DropDNSrep +%attr(0600,root,root) /usr/share/shorewall/macro.DropUPnP +%attr(0600,root,root) /usr/share/shorewall/macro.Edonkey +%attr(0600,root,root) /usr/share/shorewall/macro.FTP +%attr(0600,root,root) /usr/share/shorewall/macro.Gnutella +%attr(0600,root,root) /usr/share/shorewall/macro.ICQ +%attr(0600,root,root) /usr/share/shorewall/macro.IMAP +%attr(0600,root,root) /usr/share/shorewall/macro.LDAP +%attr(0600,root,root) /usr/share/shorewall/macro.MySQL +%attr(0600,root,root) /usr/share/shorewall/macro.NNTP +%attr(0600,root,root) /usr/share/shorewall/macro.NTP +%attr(0600,root,root) /usr/share/shorewall/macro.NTPbrd +%attr(0600,root,root) /usr/share/shorewall/macro.PCA +%attr(0600,root,root) /usr/share/shorewall/macro.Ping +%attr(0600,root,root) /usr/share/shorewall/macro.POP3 +%attr(0600,root,root) /usr/share/shorewall/macro.PostgreSQL +%attr(0600,root,root) /usr/share/shorewall/macro.Rdate +%attr(0600,root,root) /usr/share/shorewall/macro.Rsync +%attr(0600,root,root) /usr/share/shorewall/macro.SMB +%attr(0600,root,root) /usr/share/shorewall/macro.SMBswat +%attr(0600,root,root) /usr/share/shorewall/macro.SMTP +%attr(0600,root,root) /usr/share/shorewall/macro.SNMP +%attr(0600,root,root) /usr/share/shorewall/macro.SPAMD +%attr(0600,root,root) /usr/share/shorewall/macro.SSH +%attr(0600,root,root) /usr/share/shorewall/macro.Submission +%attr(0600,root,root) /usr/share/shorewall/macro.SVN +%attr(0600,root,root) /usr/share/shorewall/macro.Syslog +%attr(0600,root,root) /usr/share/shorewall/macro.Telnet +%attr(0600,root,root) /usr/share/shorewall/macro.template +%attr(0600,root,root) /usr/share/shorewall/macro.Trcrt +%attr(0600,root,root) /usr/share/shorewall/macro.VNC +%attr(0600,root,root) /usr/share/shorewall/macro.VNCL +%attr(0600,root,root) /usr/share/shorewall/macro.Web +%attr(0600,root,root) /usr/share/shorewall/macro.Webmin +%attr(0600,root,root) /usr/share/shorewall/prog.footer +%attr(0600,root,root) /usr/share/shorewall/prog.header +%attr(0600,root,root) /usr/share/shorewall/rfc1918 +%attr(0600,root,root) /usr/share/shorewall/configpath %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn Samples %changelog * Fri Jan 20 2006 Tom Eastep tom@shorewall.net - Updated to 3.1.3-1 -* Fri Jan 20 2006 Tom Eastep tom@shorewall.net -- Change security so that ordinary users can compile * Tue Jan 17 2006 Tom Eastep tom@shorewall.net - Added program skeleton Files * Sun Jan 15 2006 Tom Eastep tom@shorewall.net