.TH suid.conf 5suidmanager "Debian Utilities" "DEBIAN" \" -*- nroff -*-
.SH NAME
suid.conf \- Configuration file for files and directories with special permissions
.SH DESCRIPTION
\fBsuid.conf\fR contains lines describing the permissions for files
and directories on your system and information about who (user or a
package) is responsible for making this file or directory so special.
.PP
\fIsuid.conf\fR contains lines of the form:
.PP
whodoneit file user group mode
.PP
whodoneit directory user group mode
.PP
Where "whodoneit" is either the package name responsible for installing the
settings or "user" for a user override. Lines beginning with # are comments
and empty lines are ignored.
.PP
Example line:
.PP
sendmail /usr/bin/sendmail root mail 2755
.PP
Example override:
.PP
user /usr/bin/sendmail root root 4755 
.PP
If a package has been prepared for suidmanager then that package will
generate lines in \fI/etc/suid.conf\fR on installation. The administrator can then
change those permissions and the permissions will be kept intact across
upgrades. You can change permission with the
.B suidregister
command. Please do not specify a package name with -s if you do local
customization.
.B suidregister
will recognize a user override and mark your changes specially marked with "user" and
insure that those changes are kept across updates of the package.
If the "whodoneit" field is a package name then that package has
absolute authority over the binary and can change permissions at will. If
you change the \fIsuid.conf\fR file by hand and do not set the "whodoneit" field to
user then those permissions will be reset on the next upgrade!
.PP
If a package installs setgid/setuid binaries and does not implement
suidmanager then you have to run
.B suidregister
after each upgrade to reset the permissions after the package has
overwritten the binaries with your permissions.
.SH SEE ALSO
suidregister(8), suidunregister(8)
.SH AUTHOR
Christoph Lameter <clameter@debian.org>