BSD.root.dist revision 37 
137Srgrimes#	fs: /
237Srgrimes#	by: bostic
337Srgrimes#
437Srgrimes#	%W% (Berkeley) %G%
537Srgrimes
637Srgrimes# top-level files are owned by root.wheel
737Srgrimes# (else too easy to get root by compromising these)
837Srgrimes
937Srgrimes/set owner=root group=wheel mode=0755 type=file
1037Srgrimes
1137Srgrimessys	type=link size=11 link=usr/src/sys
1237Srgrimesa	type=dir
1337Srgrimes..
1437Srgrimesb	type=dir
1537Srgrimes..
1637Srgrimes
1737Srgrimesdev	type=dir
1837Srgrimes	fd	type=dir
1937Srgrimes	..
2037Srgrimes..
2137Srgrimes
2237Srgrimesetc	type=dir
2337Srgrimes	disklabels	type=dir
2437Srgrimes	..
2537Srgrimes# what is the following for?
2637Srgrimes/set nlink=1
2737Srgrimes	kerberosIV	type=dir
2837Srgrimes	..
2937Srgrimes	mtree	type=dir
3037Srgrimes	..
3137Srgrimes	namedb	type=dir
3237Srgrimes	..
3337Srgrimes	passwd	mode=0644
3437Srgrimes	master.passwd mode=0600
3537Srgrimes	spwd.db	mode=0600
3637Srgrimes	pwd.db	mode=0644
3737Srgrimes	group	mode=0644
3837Srgrimes	crontab	mode=0644
3937Srgrimes	dumpdates	group=operator mode=0664
4037Srgrimes
4137Srgrimes	# config files, writeable by root
4237Srgrimes	/set mode=0644 type=file
4337Srgrimes	daily
4437Srgrimes	weekly
4537Srgrimes	monthly
4637Srgrimes	exports
4737Srgrimes	fstab
4837Srgrimes	hosts.equiv
4937Srgrimes	hosts.lpd
5037Srgrimes	inetd.conf
5137Srgrimes	printcap
5237Srgrimes	rc
5337Srgrimes	rc.local
5437Srgrimes	netstart	mode=0755
5537Srgrimes	remote
5637Srgrimes	security
5737Srgrimes	sendmail.cf
5837Srgrimes	sendmail.cw
5937Srgrimes	syslog.conf
6037Srgrimes	ttys
6137Srgrimes
6237Srgrimes	# prototype files, not normally written by root
6337Srgrimes	/set mode=0444
6437Srgrimes	ftpusers
6537Srgrimes	shells
6637Srgrimes	gettytab
6737Srgrimes	named.boot
6837Srgrimes	hosts
6937Srgrimes	networks
7037Srgrimes	protocols
7137Srgrimes	services
7237Srgrimes	localtime	owner=bin group=bin
7337Srgrimes	man.conf	owner=bin group=bin
7437Srgrimes
7537Srgrimes..
7637Srgrimes
7737Srgrimesmnt	type=dir
7837Srgrimes..
7937Srgrimesroot	type=dir
8037Srgrimes..
8137Srgrimesstand	type=dir
8237Srgrimes..
8337Srgrimestmp	type=dir owner=bin group=bin mode=01777
8437Srgrimes..
8537Srgrimesusr	type=dir
8637Srgrimes..
8737Srgrimesvar	type=dir
8837Srgrimes..
8937Srgrimes
9037Srgrimes# binary directories:
9137Srgrimes/set owner=bin group=bin mode=0755
9237Srgrimesbin	type=dir
9337Srgrimes..
9437Srgrimessbin	type=dir
9537Srgrimes..
96