[BlueOnyx:03828] Re: Changing procmail from mbox to Maildir

Chuck Tetlow chuck at tetlow.net
Thu Mar 4 12:36:03 -05 2010


There is a way to protect files from any changes - even root can't change them.  Set the "immutable" bit.

Besides the standard file attributes in a Linux ext2/3/4 filesystem, there are extended attributes.  One of them is the immutable bit.  It prevents any changes to the file - whether by the system, by a user, or by root.  Check the extended attributes in a directory using the "lsattr" command.  It works like the "ls" command, but shows the extended attributes.  If the immutable bit is set - there will be an "i" listed against that file.  Change it with "chattr".

So to protect the /etc/procmail file, use the "chattr +i /etc/procmail" command.  And you can verify the change took by using "lsattr /etc" and looking for the lowercase i in front of the procmail filename.  And if you really want to check it - try vi'ing the file afterward.  You won't be able to make any changes.

This is how I protect my custom IPTables rules from BQ and BX.  I don't know why - but BQ/BX keeps making changes to that configuration file in /etc/sysconfig.  So I just set it immutable and nothing can change it.  My primary reason for this - I don't want my servers accepting TCP port 25 connections from anything but our Roaring Penguin SPAM filter.  That's how I lock out all the scumbags who send SPAM by IP address instead of using the MX records.

Chuck

---------- Original Message -----------
From: Menno Jansz <menno at jansz.com> 
To: blueonyx at blueonyx.it 
Sent: Thu, 04 Mar 2010 11:47:07 +0000 
Subject: [BlueOnyx:03804] Re: Changing procmail from mbox to Maildir

> Thanks for all the info Tobias, that has confirmed what I have researched and 
> filled in some missing gaps. 
> 
> > 1) You have to protect your changed /etc/procmail somehow - this file is 
> > changed by some rpm-updates without notice. 
> 
> I have been thinking about this, and couldn't figure out a way I could stop yum 
> updates from overwriting files. Does anyone have a way to protect files? 
> 
> That is my main worry about changing over the server to qmail. Don't want to 
> all of a sudden find the config changes reversed by some yum update. 
> 
> As the old server I'm moving accounts from is qmail, it would really be 
> simpler to be able to just stick with qmail. 
> 
> Cheers, 
> Menno 
> 
------- End of Original Message -------
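
The lsattr check described in the message above, as an added example that is not part of the original post: a small shell filter that reads "lsattr" output and lists every file that is missing the immutable flag. The sample output is constructed, and the second and third paths in it are placeholder names, not files named in the thread.

```shell
#!/bin/sh
# Added example: report which files in `lsattr` output lack the immutable flag.

# Constructed sample of `lsattr` output (flags field, one space, then the path).
# Only /etc/procmail comes from the thread; the other paths are placeholders.
SAMPLE_LSATTR='----i--------e-- /etc/procmail
-------------e-- /etc/sysconfig/example-rules
-----------I-e-- /etc/example.d'

# Succeeds only if the flags field contains a lowercase "i" (immutable).
# Uppercase "I" is the indexed-directory flag and must not match.
has_immutable_flag() {
    case $1 in
        *i*) return 0 ;;
        *)   return 1 ;;
    esac
}

# Reads lsattr output on stdin and prints every path that is NOT immutable.
# Returns 0 when all listed paths are immutable, 1 otherwise.
unprotected_files() {
    status=0
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        flags=${line%% *}   # text before the first space
        path=${line#* }     # text after the first space (path may contain spaces)
        if ! has_immutable_flag "$flags"; then
            printf '%s\n' "$path"
            status=1
        fi
    done
    return "$status"
}
```

On a live system, pipe real output into the filter, for example `lsattr /etc/procmail | unprotected_files`, and run it after package updates to confirm the flag is still set.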
 