From owner-freebsd-questions@FreeBSD.ORG  Fri Feb 17 16:13:09 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7744016A420
	for <freebsd-questions@freebsd.org>;
	Fri, 17 Feb 2006 16:13:09 +0000 (GMT)
	(envelope-from jerrymc@clunix.cl.msu.edu)
Received: from clunix.cl.msu.edu (clunix.cl.msu.edu [35.9.2.10])
	by mx1.FreeBSD.org (Postfix) with ESMTP id CD29743D49
	for <freebsd-questions@freebsd.org>;
	Fri, 17 Feb 2006 16:13:08 +0000 (GMT)
	(envelope-from jerrymc@clunix.cl.msu.edu)
Received: from clunix.cl.msu.edu (localhost [127.0.0.1])
	by clunix.cl.msu.edu (8.12.10+Sun/8.12.2) with ESMTP id k1HGD8iU012892; 
	Fri, 17 Feb 2006 11:13:08 -0500 (EST)
Received: (from jerrymc@localhost)
	by clunix.cl.msu.edu (8.12.10+Sun/8.12.2/Submit) id k1HGD8nT012891;
	Fri, 17 Feb 2006 11:13:08 -0500 (EST)
From: Jerry McAllister <jerrymc@clunix.cl.msu.edu>
Message-Id: <200602171613.k1HGD8nT012891@clunix.cl.msu.edu>
To: stefan@sf-net.com (Stefan)
Date: Fri, 17 Feb 2006 11:13:08 -0500 (EST)
In-Reply-To: <5A0111C5-E4BC-440A-9BFA-B4B96B70DA89@sf-net.com>
X-Mailer: ELM [version 2.5 PL7]
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Cc: freebsd-questions@freebsd.org
Subject: Re: daily security output usr/src should be gid = 9 = man
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Feb 2006 16:13:09 -0000

> 
> Hi,
> 
> is this the right behaviour that /usr/src should be labeled with gid  
> 9 which is the group man? When I label /usr/src with the group wheel  
> I get a daily security output like this:

When you say 'label' do you mean using chown or chgrp?

> 
> Checking special files and directories.
> Output format is:
> 	filename:
> 		criteria (shouldbe, reallyis)
> usr/src:
> 	gid (9, 0)
> 
> When I label it with gid 9 which is the group man I don't get a  
> security hint. But why would or should I label /usr/src with group- 
> privilegies man?
> 
> Is this the default behaviour? I'm running FreeBSD RELENG_6_0

My /usr/src directory is root:wheel - eg UID root,  GID wheel
on each of the FreeBSD versions I have handy to look at which
includes 6.0.

Your daily security output may just be telling you that it
changed to something from the GID of 9 that it was the last
time it checked.    I don't know of any other reason it would
point that out.

////jerry

> 
> Best regards,
> Stefan
>