Re: RE: Security with /var/opt/ignite

Adam Noble
Super Advisor

RE: Security with /var/opt/ignite

Hi all,

A default installation of ignite makes /var/opt/ignite/clients open to all.

I can understand the reasoning for this but are there ways of locking this down but still providing the functionality to build machines etc.

Tim Nelson
Honored Contributor

Re: RE: Security with /var/opt/ignite

are you referring to the configuration of the NFS exports ?

you can modify that security however you wish. man exports or man share depending on your version

/var/opt/ignite/clients with any host restrictions you want. during a rebuild/clone you would need to make sure you make the appropriate modifications before you start the recovery.

Steven E. Protter
Exalted Contributor

Re: RE: Security with /var/opt/ignite


There is no need to lock it down. There is no authentication information or anything that can compromise security.

In the end, the Ignite build process is a root process so you CAN lock it down.

There are some issues with Ignite client configuration directories needing to be bin:bin

I would challenge anyone saying there are security issues with /var/opt/ignite/clients to prove it.

What is really there? Text configuration files, mac addresses and pointers to Ignite archives.

No security issues at all.

Messing around here will likely cause pain. Pain without a good enough payoff to justify the pain

Steven E Protter
Owner of ISN Corporation
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com