Thanks for testing and pointing this out. I've re-packed the latest version and uploaded the new tarballs with fixed permissions. -Stefan > A partial fix would be to run the following bash commands. The reason > I > say partial is because I got the permissions from a different > firewall > that does not have Guardian installed on it, so it could not > determine > the correct permissions for any of those directories. > > This was taken from the output of a perl script I threw together. It > is > NOT commented (sorry) but pretty straight forward. Simply gets the > permissions and ownership from each directory (and parent directory) > out > of an array based on Matthias' research. I did NOT check to verify > the > permissions were not already set. The output is simply a list of > commands to set permissions from one machine to the same as the > permissions on another. > > The originating script is temporarily stored at > http://unixservertech.com/fixPermissions.pl > That is a web site in progress. Feel free to download and run it on a > machine that has Guardian (after looking at it and making sure I > didn't > do something stoopid). No guarantee it won't eat your firewall, but I > ran it on a production machine, then ran the output on my test router > and it appears to have worked. > ====================================================== > chown 0:0 /etc > chmod 0755 /etc > > chown 0:0 /etc/logrotate.d > chmod 0755 /etc/logrotate.d > > chown 0:0 /etc/rc.d > chmod 0755 /etc/rc.d > > chown 0:0 /etc/rc.d/init.d > chmod 0755 /etc/rc.d/init.d > > chown 0:0 /etc/rc.d/init.d/networking > chmod 0755 /etc/rc.d/init.d/networking > > chown 0:0 /etc/rc.d/init.d/networking/red.up > chmod 0755 /etc/rc.d/init.d/networking/red.up > > chown 0:0 /etc/rc.d/init.d/snort > chmod 0754 /etc/rc.d/init.d/snort > > chown 0:0 /etc/rc.d/rc0.d > chmod 0755 /etc/rc.d/rc0.d > > chown 0:0 /etc/rc.d/rc3.d > chmod 0755 /etc/rc.d/rc3.d > > chown 0:0 /etc/rc.d/rc6.d > chmod 0755 /etc/rc.d/rc6.d > > chown 0:0 /opt > chmod 0755 /opt > > chown 0:0 /opt/pakfire > chmod 0755 /opt/pakfire > > chown 0:0 /opt/pakfire/db > chmod 0755 /opt/pakfire/db > > chown 0:0 /opt/pakfire/db/installed > chmod 0755 /opt/pakfire/db/installed > > chown 0:0 /srv > chmod 0755 /srv > > chown 0:0 /srv/web > chmod 0755 /srv/web > > chown 0:0 /srv/web/ipfire > chmod 0755 /srv/web/ipfire > > chown 0:0 /srv/web/ipfire/cgi-bin > chmod 0755 /srv/web/ipfire/cgi-bin > > chown 0:0 /srv/web/ipfire/cgi-bin/ids.cgi > chmod 0755 /srv/web/ipfire/cgi-bin/ids.cgi > > chown 0:0 /usr > chmod 0755 /usr > > chown 0:0 /usr/bin > chmod 0755 /usr/bin > > chown 0:0 /usr/lib > chmod 0755 /usr/lib > > chown 0:0 /usr/lib/perl5 > chmod 0755 /usr/lib/perl5 > > chown 0:0 /usr/lib/perl5/site_perl > chmod 0755 /usr/lib/perl5/site_perl > > chown 0:0 /usr/lib/perl5/site_perl/5.12.3 > chmod 0755 /usr/lib/perl5/site_perl/5.12.3 > > chown 0:0 /usr/lib/perl5/site_perl/5.12.3/Net > chmod 0755 /usr/lib/perl5/site_perl/5.12.3/Net > > chown 0:0 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread-multi > chmod 0755 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread-multi > > chown 0:0 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread- > multi/auto > chmod 0755 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread- > multi/auto > > chown 0:0 /usr/sbin > chmod 0755 /usr/sbin > > chown 0:0 /var > chmod 0755 /var > > chown 0:0 /var/ipfire > chmod 0755 /var/ipfire > > chown 0:0 /var/ipfire/backup > chmod 0755 /var/ipfire/backup > > chown 0:0 /var/ipfire/backup/addons > chmod 0755 /var/ipfire/backup/addons > > chown 0:0 /var/ipfire/backup/addons/includes > chmod 0755 /var/ipfire/backup/addons/includes > > chown 0:0 /var/ipfire/langs > chmod 0755 /var/ipfire/langs > > chown 0:0 /var/ipfire/langs/de.pl > chmod 0644 /var/ipfire/langs/de.pl > > chown 0:0 /var/ipfire/langs/en.pl > chmod 0644 /var/ipfire/langs/en.pl > > chown 0:0 /var/ipfire/menu.d > chmod 0755 /var/ipfire/menu.d > > chown 0:0 /var/log > chmod 0755 /var/log > ====================================================== >