Add /root/.ssh/authorized_keys to /etc/mtree/special so that security(8)

checks for the correct mode/ownership. prodded by ajacoutot@
author: landry <landry@openbsd.org> 2017-02-12 08:59:52 +0000
committer: landry <landry@openbsd.org> 2017-02-12 08:59:52 +0000
commit: 0976236ea3d7cb4ba435a5fecba21955b0488ea3 (patch)
tree: c5ee5ee8a45ff219e7a1557efa70489b6dae6d29
parent: In autoinstall, no need to create /mnt/root/.ssh if the install script (diff)
download: wireguard-openbsd-0976236ea3d7cb4ba435a5fecba21955b0488ea3.tar.xz
wireguard-openbsd-0976236ea3d7cb4ba435a5fecba21955b0488ea3.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/etc/mtree/special b/etc/mtree/special
index 5ecc5863d81..a6c7d1ad5c9 100644
--- a/etc/mtree/special
+++ b/etc/mtree/special
@@ -1,4 +1,4 @@
-#	$OpenBSD: special,v 1.122 2016/12/27 09:17:52 jca Exp $
+#	$OpenBSD: special,v 1.123 2017/02/12 08:59:52 landry Exp $
 #
 # Hand-crafted mtree specification for the dangerous files.
 #
@@ -121,6 +121,9 @@ root		type=dir mode=0700 uname=root gname=wheel
 .login		type=file mode=0644 uname=root gname=wheel
 .profile	type=file mode=0644 uname=root gname=wheel
 .rhosts		type=file mode=0600 uname=root gname=wheel optional
+.ssh		type=dir mode=0700 uname=root gname=wheel
+authorized_keys	type=file mode=0600 uname=root gname=wheel
+..	#root/.ssh
 ..	#root
 
 sbin		type=dir mode=0755 uname=root gname=wheel ignore
author	landry <landry@openbsd.org>	2017-02-12 08:59:52 +0000
committer	landry <landry@openbsd.org>	2017-02-12 08:59:52 +0000
commit	0976236ea3d7cb4ba435a5fecba21955b0488ea3 (patch)
tree	c5ee5ee8a45ff219e7a1557efa70489b6dae6d29
parent	In autoinstall, no need to create /mnt/root/.ssh if the install script (diff)
download	wireguard-openbsd-0976236ea3d7cb4ba435a5fecba21955b0488ea3.tar.xz wireguard-openbsd-0976236ea3d7cb4ba435a5fecba21955b0488ea3.zip