Provided by: sxid_4.2-1ubuntu1_amd64 bug


       sxid.conf - configuration settings for sxid


       This  is  the  configuration file used by sxid to define it's parameters for execution. By
       default it is /etc/sxid.conf but can be anything using the --config  command  line  option
       for sxid.  Options in this file are in the form of OPTION = "VALUE" .  Note that the VALUE
       must be contained in double quotes.


              If sxid does not find any changes it will not send  an  email  unless  you  specify
              "yes" here.

              Usually  sxid  will  only rotate the log files when there is a change from the last
              run. This is usually best, since all logs will record a change rather than  just  a
              run  of  the  program.  If  you  want  to  rotate  the logs every time sxid is run,
              regardless of changes, specify "yes" here.

       EMAIL  Where to send the email containing the output of changes every time  sxid  is  run.

              EMAIL = "Great Admin <>"

              Normally  sxid  only  flags  items  which  are  suid or sgid and are in a FORBIDDEN
              directory. With this option set to "yes" sxid will remove the s[ug]id bit(s) on any
              files  or  directories  it finds in forbidden directories and report any changes in
              the email. Note that directories listed in FORBIDDEN  are  searched  regardless  of
              whether or not they are listed in SEARCH.  However, EXCLUDED options still apply to
              directories that fall under them.

              A space seperated list of directories to exclude from the search. Note  that  if  a
              SEARCH  path  falls  under  an EXCLUDE path that it will still be searched. This is
              useful for excluding whole directories and only specifying one. Example:

              SEARCH  = "/usr /usr/src/linux"

              EXCLUDE = "/usr/src"

              File that contains a list of (each on it's own line)   of  other  files  that  sxid
              should  monitor.  This  is  useful  for  files that aren't +s, but relate to system
              integrity (tcpd, inetd, apache...). Example:

              EXTRA_LIST = "/etc/sxid.list"

              A space seperated list of directories that are not supposed to contain any suid  or
              sgid  items.  Items  which are suid or sgid in these directories are flagged in the
              email seperately from the other listings whether there are other  changes  or  not.

              FORBIDDEN = "/tmp /home"

              Ignore  entries  for directories in these paths. This means that only files will be
              recorded. You can effectively ignore all directory entries by setting this to "/".

              This is a numerical value for how many log files to keep when rotating.

              Forces a list of all entries to be included in th output. Implies ALWAYS_NOTIFY.

              The full path of where to store the log files. These will be rotated, each  rotated
              log  being  suffixed  with  a  digit.  The directories must already exist.  This is
              usually /var/log/sxid.log. Rotated logs would look like  /var/log/sxid.log.n  where
              'n' is the number in the rotation. The current log has no suffix.

              Mail  program.  This  changes  the default compiled in mailer for reports. You only
              need this if you have changed it's location and don't want to recompile sxid.

       SEARCH A space seperated list of directories to search. Sxid will use these as a  starting
              point for it's searches. Example:

              SEARCH = "/usr /bin /lib"


       Ben Collins <>


       Report bugs to current maintainer Timur Birsh <>.